Course Overview

SDWADV is a 4-day Cisco SD-WAN training targeted to engineers and technical personnel involved in deploying, implementing, operating and optimizing Cisco SD-WAN solution, both in enterprise and Service Provider environments, including advanced features for centralized AAR/Data policies, QoS, application performance routing, configuration templates, control policies and troubleshooting common and advanced operating issues. The Cisco SD-WAN course is lab-intensive, and objectives are accomplished mainly through hands on learning and scripting.

Students taking this Cisco SD-WAN training course should be familiar with Wide Area Networks (WANs) in a variety of ways. Ideal candidates for this course include engineering and planning teams who evaluate WAN evolution and personnel involved in SD-WAN Design, Implementation and Operation.

Virtual Learning

This interactive training can be taken from any location, your office or home and is delivered by a trainer. This training does not have any delegates in the class with the instructor, since all delegates are virtually connected. Virtual delegates do not travel to this course, Global Knowledge will send you all the information needed before the start of the course and you can test the logins.

Course Objectives

After completing this course you should be able to:

  • Understand Cisco SD-WAN Architecture
  • Monitor Day-N SD-WAN Operations
  • In-depth Troubleshooting of the SD-WAN Fabric
  • Explore Advanced SD-WAN Policy Configuration
  • Identify Insights into Software-Defined Application Visibility Control

Course Content

Module 1: Cisco SD-WAN Introduction

  • High-level Cisco SD-WAN Deployment models
  • Application-level SD-WAN solution
  • Cisco SDWAN plan for HA and Scalability
  • Cisco SD-WAN solution components: vManage NMS, vSmart Controller, vBond Orchestrator
  • Edge Routers
  • Cloud Based Deployment vs On-Premises Deployment

Module 2: Zero Touch Provisioning

  • Overview
  • User Input Required for the ZTP Automatic Authentication Process
  • Authentication between the vBond Orchestrator and WAN Edges
  • Authentication between the Edge Routers and the vManage NMS
  • Authentication between the vSmart Controller and the Edge Routers

Module 3: Cisco SD-WAN Solution

  • Overlay Management Protocol (OMP)
  • Cisco SDWAN Circuit Aggregation Capabilities
  • Secure Connectivity in Cisco SD-WAN
  • Performance Tracking Mechanisms
  • Application Discovery
  • Dynamic Path Selection
  • Performance Based Routing
  • Direct Internet Access
  • Cisco SD-WAN In-built Security features: App Aware FW, Talos IPS, URL Filtering, Umbrella Integration & Advanced Malware Protection
  • Dynamic Cloud Access: Cloud On-Ramp for SaaS and IaaS (AWS, Azure & GPC)

Module 4: Operations Best Practices

  • Config: Test Configuration Changes Before Committing
  • NAT: Secure Routers Acting as NATs
  • Edge Routers: Connect to the Console Port
  • vManage Operrational Commands
  • SD WAN Devices: Site ID Naming Conventions
  • SD WAN Devices: Using the System IP Address
  • vManage NMS: Disaster Recovery
  • Disaster Recovery – Cluster failover scenarios
  • vManage Disaster Recovery Checklist
  • How to configure Disaster Recovery

Module 5: Application Monitoring (Including SD-AVC)

  • vManage – Application Monitoring
  • How to enable DPI on SD-WAN cEdge Routers
  • Monitoring Application traffic per device/site
  • How to enable SD-AVC on vManage and push to routers.
  • Configuring application log collection parameters.
  • vAnalytics
  • vAnalytics dashboard walk-through
  • vAnalytics Network Health
  • vAnalytics Network Availability
  • vAnalytics Applications
  • Ecosystem Partner Solutions

Module 6: General Troubleshooting

  • Check Application-Aware Routing Traffic
  • Collect Device Data to Send to Customer Support
  • Monitor Alarms and Events
  • Monitor TCP Optimization
  • Ping an SD WAN Device
  • Run a Traceroute
  • Simulate Flows
  • Troubleshoot Cellular Interfaces
  • Troubleshoot Device Bringup
  • Use Syslog Messages
  • Tunnel Health

Module 7: Troubleshooting: Data Plane Issues

  • BFD Session Information and Troubleshooting a BFD Session
  • Cflowd Issues
  • Data Policies
  • DPI Issues
  • Symptom: Site Cannot Reach Applications in Datacenter
  • Symptom: vManage Showing Edge Router or Interface Down
  • Symptom: Site-Wide Loss of Connectivity (Blackout)
  • Symptom: Poor Application Performance (Brownout)
  • Issue Severity Assessment

Module 8: Troubleshooting: Routing Issues

  • Troubleshooting NAT Issues for Control and Data connections
  • BGP Information
  • Multicast Information
  • OMP Information
  • OSPF Information
  • PIM Information
  • Symptom: Some or All Routes Missing from Edge Routing table
  • Symptom: Data Traffic Using Suboptimal Path
  • Symptom: Data Traffic Not Using All Transports

Module 9: Monitoring and Troubleshooting Application-Aware Routing

  • Application Performance with Cloud-Express Service
  • Tunnel Latency Statistics
  • Tunnel Loss Statistics

Module 10: Troubleshooting Policy Related Issues

  • Checking configuration
  • For Localized Policies
  • For Centralized Policies
  • How to check if FIA is enabled
  • Confirming and troubleshooting TCAM Issues
  • Enabling Various Policy Level Logs
  • FPM Logs
  • EPBR Logs
  • FNF Logs during config
  • Collecting Log Files
  • How to deal with too many logs

Module 11: Network Operations

  • Check Alarms and Events
  • Check User Accounts and Permissions
  • Deploy the SD WAN Overlay Network
  • Determine the Status of Network Sites
  • Control Connections
  • Data Connections
  • OMP Status
  • Enabling Embedded Packet Captures and Packet Trace on Cisco cEdges

Module 12: Security Certificate Troubleshooting

  • Generate a Certificate Signing Request
  • Issues when installing a certificate
  • Using Cisco Signed Certificates vs 3rd Party Signed Certificates
  • Upload the Edge Serial Number File

Module 13: SD WAN Devices Maintenance

  • Decommission a vEdge Cloud Router
  • Determine the Status of a Network Device
  • Migrate a Controller’s Virtual Machine Using vMotion
  • Remove an Edge Router’s Serial Number from the vManage NMS
  • Replace an Edge Router
  • Restore the vManage NMS
  • Set Up User Accounts to Access SD-WAN Devices
  • Validate or Invalidate an Edge Router
  • Software Versions Installed on a Device
  • Troubleshooting platform crash issues

Module 14: SD-WAN Device Operation and Troubleshooting

  • Determine Changes to a Configuration Template
  • Determine Why a Device Rejects a Template
  • Alarm Severity Levels
  • Hardware Alarms
  • Checking Alarms and Notifications
  • LEDs
  • Additional Information
  • Restore an Edge Router
  • Remove Edge Router Components

Labs:

  • Lab 1: Deploy and configure the Cisco SD-WAN Fabric
  • Lab 2: Operational Best Practices
  • Lab 3: Installing SD-AVC and monitoring CFlowD & DPI
  • Lab 4: Cisco SD-WAN Control Plan Troubleshooting
  • Lab 5: Cisco SD-WAN Data Plane Troubleshooting
  • Lab 6: Cisco SD-WAN Troubleshoot Routing Issues
  • Lab 7: Troubleshooting Cisco SD-WAN Policies
  • Lab 8: Configuring a vManasge Disaster Recovery Backup
  • Lab 9: Troubleshooting platform crash files
  • Lab 10: Configuring Cisco SD-WAN Alarms, Alerts and Notifications

Course Overview

The Data Center Nexus Dashboard Advanced (DCNDA) training focuses on how to deploy and use Cisco Nexus Dashboard Insights (NDI) and Cisco Nexus Dashboard Orchestrator (NDO) to successfully monitor data center networks, and to provision a Cisco Application Centric Infrastructure (ACI)-based multisite network. The training is three days long and includes several activities that are either lab simulations or live labs. Activities that pertain to Nexus Dashboard Insights are implemented with lab simulations based on a real-world lab environment, while the lab activity related to Nexus Dashboard Orchestrator uses live software.

Course Objectives

After completing this course you should be able to:

  • Describe Cisco Nexus Dashboard Insights 
  • Describe day-2 operational needs 
  • Describe the Cisco Nexus Dashboard Insights installation on Cisco Nexus Dashboard 
  • Describe Cisco Nexus Dashboard Insights switch telemetry 
  • Describe assurance analysis including multisite assurance 
  • Describe resource analysis 
  • Describe alerts analysis 
  • Describe Cisco NDI dashboards 
  • Describe the options for exporting data from NDI 
  • Describe Cisco NDI use cases 
  • Explore Cisco Nexus Dashboard Insights 
  • Explore vCenter Integration with Cisco NDI 
  • Explore Cisco NDI Assurance functions 
  • Describe Cisco Nexus Dashboard Orchestrator 
  • Describe Cisco NDO features and use cases 
  • Describe Cisco NDO platform support and the installation process 
  • Describe Cisco intersite connectivity 
  • Describe multisite schemas and templates 
  • Describe multipod and multisite integration 
  • Orchestrate Cisco NDO policies 

Course Content

Cisco Nexus Dashboards Insights Overview

  • Cisco NDI Day-2 Operations
  • Benefits of Using Cisco NDI 

Day-2 Operational Needs

  • Typical Needs of Day-2 Operations
  • Day-2 Operational Tasks
  • Challenges with Legacy Operational Tools 

Cisco Nexus Dashboard Insights Installation on Cisco Nexus Dashboard

  • Cisco NDI Application Installation Process
  • Cisco NDI Installation on a Physical Cluster
  • Cisco NDI Installation on a Virtual Cluster
  • Cohosting Cisco NDI and Other Services

Cisco Nexus Dashboard Insights Switch Telemetry

  • Telemetry Benefits
  • Cisco NDI Persistent IP Addresses
  • Flow Telemetry
  • Flow Telemetry Events
  • Software Telemetry

Assurance Analysis Including Multisite Assurance

  • Service Assurance with Cisco NDI
  • Assurance Analysis
  • Connectivity Explorer
  • Delta Analysis
  • Pre-Change Analysis
  • Compliance Analysis

Resource Analysis

  • Browsing Resources
  • Browsing Environmental Data
  • Browsing Flows
  • Browsing Endpoints
  • Browsing Interfaces
  • Browsing Events
  • Browsing vCenters

Alerts Analysis

  • Anomalies Analysis
  • Advisories Analysis 

Explore Cisco Nexus Dashboard Insights

  • Discovery Lab 1: Explore Cisco Nexus Dashboard Insights  

Cisco Nexus Dashboard Insights Dashboards

  • Overview Dashboard and Central Dashboard
  • Topology View
  • Custom Dashboards in Cisco NDI 

Options for Exporting Data from Cisco Nexus Dashboard Insights

  • Operational Data Export from Cisco NDI
  • Reports Export via Email
  • Events Export through the Kafka Message Bus
  • Syslog Messages Export
  • Log Collection

Cisco Nexus Dashboard Insights Use Cases

  • Is Efficient Troubleshooting Possible?
  • Does Your Network Comply with the Business Intent?
  • Is a Hardware Refresh Due Soon?
  • Should I Expect Any Problem with the Upcoming Software Upgrade?
  • Something Stopped Working – What Was the Cause?
  • Does the Configured Policy Allow for an Endpoint to Reach a Specific Destination IP?
  • If I make a Change in the Network, What would be the Consequences?

Cisco Nexus Dashboard Insights Integration with vCenter

  • Discovery Lab 2: Configure and Explore vCenter Integration with Cisco NDI 

Explore Cisco NDI Assurance Functions

  • Discovery Lab 3: Explore Cisco NDI Assurance Functions

Cisco NDO Overview

  • Need for Day2Ops Tools
  • Cisco Nexus Dashboard as a Platform for Cisco NDO
  • Cisco NDO Introduction

Cisco NDO Features and Use Cases

  • Cisco NDO Key Features and Benefits
  • Cisco NDO Use Cases
  • Cisco NDO Licensing

Cisco NDO Platform Support and Installation

  • Cisco NDO Installation
  • Adding Sites to Cisco Nexus dashboard and Cisco NDO
  • ISN Connectivity Provisioning
  • Site Connectivity Configuration Using Cisco NDO

Cisco NDO with Cisco ACI Multisite

  • Evolution to Multisite
  • Cisco Multisite Architecture
  • Namespace Normalization

Intersite Connectivity

  • Intersite Control Plane
  • Per BD Behavior
  • Intersite BUM Traffic Data Plane
  • Intersite Unicast Data Plane 

Multisite Schemas and Templates

  • Cisco NDO Schema and Templates
  • Template and Policy Deployment Plan
  • Multisite Connections to External Layer 3 Domains
  • Template Versioning
  • Template Disassociation 

Multipod and Multisite Integration

  • Cisco ACI Multipod and Multisite
  • IPN and ISN Connection

Orchestrate Cisco NDO Policies 

  • Discovery Lab 4: Orchestrate Cisco NDO Policies 

Labs

  • Discovery Lab 1: Explore Cisco Nexus Dashboard Insights 
  • Discovery Lab 2: Configure and Explore vCenter Integration with Cisco NDI 
  • Discovery Lab 3: Explore Cisco NDI Assurance Functions 
  • Discovery Lab 4: Orchestrate Cisco NDO Policies 

Course Overview

This course is hands-on training on Cisco Meraki SD-WAN implementations, basic and advanced Cisco Meraki SD-WAN Security features that are available on Meraki MX routers. Deep dive into capabilities like Firewall and Traffic, Application Aware Firewall, AMP Integration, Content Filtering, Threat Protection, and many other advanced features are covered as a part of this training. This course also provides hands-on training on Cisco Meraki SD-WAN Programmability features.

Virtual Learning

This interactive training can be taken from any location, your office or home and is delivered by a trainer. This training does not have any delegates in the class with the instructor, since all delegates are virtually connected. Virtual delegates do not travel to this course, Global Knowledge will send you all the information needed before the start of the course and you can test the logins.

Course Objectives

After completing this course you should be able to:

  • Introduction to Cisco Meraki SD-WAN Solution and Products/Components
  • Understand key concepts of Cisco Meraki SD-WAN
  • Implement Meraki SD-WAN Solution
  • Understand Cisco Meraki SD-WAN Security Features
  • Implement Firewall and IPS Policies
  • Understand Cisco SD-WAN Programmability features
  • Script APIs to automate Cisco SD-WAN vManage configurations

Course Content

Module 1: Introduction to Meraki SD-WAN and Meraki Key Concepts

  • Meraki Centralized Dashboard
  • Meraki key concepts
  • Meraki Concentrator Mode
  • VPN Topology
  • Split Tunnel and Full Tunnel
  • Hub and Spoke and VPN Mesh
  • Meraki Connection Monitor
  • Data Center Redundancy (DC-DC Failover)
  • Warm Spare for VPN Concentrators

Module 2: Meraki SD-WAN Deployment Models

  • Introduction
  • Data Center Deployment
  • MX Deployment Considerations
  • Upstream DC Switching Considerations
  • Routing Considerations
  • Firewall Considerations
  • Branch Deployment
  • AutoVPN at the Branch
  • Hub and Spoke VPN Deployment
  • Hub Priorities and Design considerations

Module 3: Meraki SD-WAN Security

  • Exploring the SD-WAN and Security Dashboard
  • Site-to-site VPN Deep Dive
  • Client VPN Technologies
  • Access control and Splash Page
  • NAT and Port Forwarding
  • Firewall and Traffic Shaping
  • Content Filtering and Threat Protection
  • Meraki and Cisco Umbrella Integration

Module 4: Firewall and Traffic Shaping Policies

  • MX Firewall Settings
  • Outbound Rules
  • Appliance Services
  • Layer 7 Firewall Rules
  • Forwarding Rules
  • IP Source Address Spoofing Protection
  • Overview and Key Terms
  • NAT Modes Implementation
  • Supported Deployment Topologies
  • SD-WAN and Traffic Shaping
  • Uplink Configurations
  • Uplink Selections
  • Global Bandwidth Limitations
  • Traffic Shaping Rules
  • Web Cache

Module 5: SD-WAN Security – Content Filtering and Threat Protection

  • MX and Active Directory Integrations
  • Content Filtering Implementations and Troubleshooting
  • Cisco AMP Integrations and Threat Protection
  • Threat Grid Integrations

Module 6: Programmable API

  • Meraki Dashboard API with Postman
  • Meraki Organization and Networks Import into Postman
  • Meraki Devices into the appropriate Networks using APIs
  • Troubleshooting Meraki using APIs
  • Dashboard
  • Device Dashboard

Course Overview

TheCisco Intersight Essentialstraining teaches you various aspects of Cisco Unified Computing System (UCS), including hardware, connectivity, and management. You will learn Cisco Intersight characteristics, licensing, and features, along with insights into server profile deployment and prerequisites for installing operating systems from Cisco Intersight.

This training prepares you for configuring, managing, and monitoring your network, computing, and storage assets. You will gain experience using features, such as Cisco Intersight Workload Optimizer (IWO), Cisco Intersight Cloud Orchestrator (ICO), and Cisco Intersight Virtualization Services (IVS). Also, you will become familiar with the Cisco Intersight Application Programming Interface (API) by using HashiCorp Terraform to automate Cisco Intersight configuration.

Course Objectives

After completing this course you should be able to:

  • Describe Cisco UCS hardware, connectivity, and management 
  • Describe Cisco Intersight characteristics 
  • Describe Cisco Intersight licensing and its features 
  • Describe Cisco Intersight server profile deployment 
  • Describe prerequisites and various options for installing an operating system from Cisco Intersight 
  • Describe Cisco Intersight Virtual Appliance and how to deploy and configure different deployment modes 
  • Describe the Cisco UCS X-Series Platform 
  • Describe Cisco UCS M6 portfolio of products 
  • Describe firmware management in Intersight for Cisco UCS infrastructure devices 
  • Describe Cisco UCS Converged Infrastructure 
  • Describe Cisco Intersight account creation and the most important settings 
  • Describe Cisco Intersight Managed Mode (IMM) 
  • Describe Cisco HyperFlex Deployment with Cisco Intersight 
  • Describe Cisco Intersight IVS features and functionality and describe additional ecosystem services that support virtualization service 
  • Describe Cisco Intersight IWO, model your environment as a market with buyers and sellers, and discover IWO’s monitoring targets, policies, and planning scenarios to set up a configuration plan 
  • Describe how to use Intersight ICO and Workflow Automation to manage and automate IT operations, create and manage tasks, and design custom workflows using a drag-and-drop interface, resulting in greater efficiency and reduced costs 
  • Provide a brief description of HashiCorp Terraform 
  • Describe Cisco Intersight API 
  • Describe the process of using Cisco Intersight to install vMedia-based operating systems on managed servers in your data center, unattended installations on Cisco UCS C-Series standalone servers, and Cisco Intersight Managed Mode servers 
  • Describe the usage of the IMM Transition Tool 

Course Content

Cisco Unified Computing System Fundamentals

  • Cisco UCS Server Hardware
  • Cisco UCS Connectivity
  • Cisco UCS Manager
  • Cisco Intersight
  • Cisco UCS Service and Server Profiles

Cisco Intersight Characteristics

  • Cisco Intersight Architecture
  • Flexible Deployment Models
  • Cisco Intersight Authentication Options
  • Setup Cisco Intersight SaaS Account
  • Cisco Intersight Role-Based Access Control
  • Connected Cisco Technical Assistance Center
  • Cisco Intersight Tagging
  • Cisco Intersight Dashboard,Inventory and Faults
  • Firmware Management
  • Hardware Compatability List (HCL) Feature
  • Best Practices for Updating Firmware using Cisco Intersight
  • Cisco Intersight Managed Operating System Installation

Cisco Intersight Licensing Options

  • Cisco Intersight Licensing
  • Cisco Licensed Features

Cisco Intersight Server Profile Deployment

  • Cisco Unified Computing System Server Profile Overview
  • Cisco UCS Pools and Server Policies
  • Configuring Compute Policy
  • Cisco UCS Server Profile Templates
  • Deploying a Cisco UCS Server Profile
  • Configuring and Applying Service Profile
  • Importing a Cisco UCS Server Profile
  • Cloning Cisco UCS Server Profiles
  • Unassigning a Cisco UCS Server Profile
  • Assign Server Profile to a Server

Cisco Intersight Server Operating System Installation

  • Cisco Intersight Operating System Installation
  • Cisco Intersight Operating System Installation Requirements
  • Adding an Operating System Image
  • Adding an SCU
  • Operating System Installation Using Cisco Source
  • Operating System Installation Using Custom Source
  • Operating System Installation Using Embedded Source
  • Understanding Placeholder Variables
  • Password Encryption in Operating System Install
  • Operating System Installation Using a CSV File

Cisco Intersight Virtual Appliance

  • Cisco Intersight Virtual Appliance Overview
  • Cisco Intersight Virtual Appliance System Requirements
  • Cisco Intersight Virtual Appliance Licensing
  • Cisco Intersight Virtual Appliance Setup
  • Cisco Intersight Virtual Appliance Initial Setup Wizard
  • Cisco Intersight Connected Virtual Appliance
  • Cisco Intersight Private Virtual Appliance
  • Claiming Targets in Cisco Intersight Virtual Appliance
  • Cisco Intersight Virtual Appliance Backup and Restore
  • Cisco Intersight Virtual Appliance Feature Matrix
  • Installation of Cisco Intersight Virtual Appliance Licensing

Cisco Unified Computing System X-Series

  • Data Center Trends
  • Cisco UCS X-Series Architecture
  • Cisco UXS X-Series Hardware
  • Cisco UCS X-Series Deployment
  • Cisco Intersight Deployment Models
  • Cisco Intersight Managed Mode Overview
  • Device Console
  • Organizations with RABAC
  • Cisco Intersight Alarms and Faults
  • Cisco Intersight Custom Dashboards
  • Cisco Intersight Syslog Policies
  • SNMP Support
  • Ciso UCS X-Series Fabric Review
  • Cisco UCS Fabric Interconnect Port Configuration
  • Ethernet Switching Modes
  • Fibre Channel Switching Modes
  • Storage Connectivity

Cisco Unified Computing System B- and C-Series Servers

  • Intel Innovations
  • Cisco UCS C220 M6
  • Cisco UCS C220 M7
  • Cisco UCS C240 M6
  • Cisco UCS C240 M7
  • AMD Innovations
  • Cisco UCS C225 M6 Rack Server
  • Cisco UCS C245 M6
  • The Power of Cisco Intersight
  • Cisco Network Adapters and GPUs for Rack Servers
  • Management Options for Cisco UCS Rack Servers
  • Cisco UCS B200 M6
  • Cisco UCS B200 M5 to Cisco UCS B200 M6 Comparison

Cisco Intersight Platform Firmware Operation

  • Cisco Intersight Platform Firmware Operations Review
  • Cisco Intersight Firmware Bundles
  • Cisco Intersight Standalone Servers Firmware Management
  • Cisco Intersight HyperFlex Firmware Management
  • Cisco UCS Managed Server Firmware Management
  • Cisco Intersight Managed Mode Firmware Management
  • Cisco Intersight Hardware Compatability Lists

Cisco Unified Computing System Converged Infrastructure

  • Cisco UCS Converged Infrastructure Overview
  • Cisco Validated Designs
  • Cisco Intersight Integration
  • Cisco Intersight Orchestration
  • Cisco UCS X-Series with FlexPod
  • Cisco UCS X-Series with FlashStack

Accessing Cisco Intersight

  • Cisco Intersight Login
  • Cisco Intersight Licensing
  • Cisco Intersight Single Sign-On
  • Cisco Intersight Organizations
  • Intersight Dashboard Management
  • Cisco Intersight Inventory Views

Cisco Intersight Managed Mode

  • Cisco Intersight Managed Mode Overview
  • Cisco IMM Benefits

Cisco HyperFlex Deployment with Cisco Intersight

  • Cisco HyperFlex Installation Using Cisco Intersight
  • Installing, Configuring and Deploying HyperFlex with Cisco Intersight
  • Cisco HyperFlex Edge ESXi Installation through Cisco Intersight Differences
  • Cisco HyperFlex Initial Functionality Validation
  • Cisco HyperFlex Full Stack Upgrade
  • Cisco HyperFlex Upgrade Enhancements
  • Additional Cisco Intersight HX Cluster Features and Configurations

Cisco Intersight Virtual Services

  • Cisco Intersight Platform Firmware Operations Overview
  • Cisco IVS for On-Premises Workloads
  • Cisco IVS for Public Clouds
  • Cisco Intersight VMware Features
  • IVS Targets Device Claiming
  • Cisco IVS Use Cases

Cisco Intersight Workload Optimizer

  • IWO Introduction and Overview
  • Getting Started with Cisco IWO
  • GUI and Dashboards
  • Settings and User Access
  • Targets and Cisco Integrations
  • Configuring Targets and Licensing IWO
  • Adding Cloud Targets in IWO
  • Day-to-Day Optimization
  • Policies and Automation
  • Configuring Device Groups in Cisco IWO
  • Setting Up Schedules and Automation Actions
  • Configuring Optimization Policies in IWO
  • IWO Planning
  • Adding Workload Plan in IWO
  • Planning Hardware Replacement in IWO
  • Planning Migrations to Public Cloud in IWO
  • Optimizing Cloud Plan in IWO

Cisco Intersight Cloud Orchestration

  • Introducing Cisco ICO
  • Cisco ICO Tasks
  • Cisco ICO Task Designer
  • Cisco ICO Workflows
  • Cisco ICO Workflow Designer
  • Cisco ICO Task Response Parser
  • Cisco ICO Workflow Versioning
  • Task Ouputs as Inputs for Other Tasks
  • Cisco ICO Rollback Tasks
  • Cisco ICO Conditional Tasks
  • Cisco ICO Transformations

Terraform Provider Registry

  • Getting started with Terraform
  • Installing Hashicorp Terraform
  • Terraform Commands
  • Terraform Components
  • Terraform with Cisco Intersight

Cisco Intersight API

  • Cisco Intersight API Overview
  • Cisco Intersight REST API with Postman
  • Cisco Intersight Integration with ServiceNow
  • Ansible Integration with Cisco Intersight

Cisco IMM Transition Tool

  • IMM Transition Tool Overview
  • IMM Transition Tool Features
  • IMM Transition Tool Installation
  • IMM Transition Tool Readiness Report

Labs:

  • Discovery Lab 1: Navigate the Cisco Intersight User Interface
  • Discovery Lab 2: Configure Organizations and Roles
  • Discovery Lab 3: Configure Server Features
  • Discovery Lab 4: Create Pools and Policies
  • Discovery Lab 5: Create Server Profile
  • Discovery Lab 6: Create Server Profiles from Server Profile Template
  • Discovery Lab 7: Configure Cisco ICO
  • Discovery Lab 8: Configure Terraform Provider Registry
  • Discovery Lab 9: Configure Cisco Intersight API with Python
  • Discovery Lab 10: Configure Cisco Intersight API with Ansible

Course Overview

The Cisco Data Center Nexus Dashboard Essentials training teaches you how to plan, implement, manage, operate, monitor, and troubleshoot the infrastructure of your data centers using the Cisco Nexus Dashboard platform.

The goal of this training is to provide fundamental knowledge for the Cisco Nexus Dashboard platform. It discusses the components and the structure of the platform, as well as how to plan for the installment and deployment, looking at the physical and virtual resource requirements, licensing, connectivity, cluster size, and software stack. Additionally, you will be acquainted with the Graphical User Interface (GUI) and the different functions to create and manage sites in the Cisco Nexus Dashboard.

You will learn how to monitor, troubleshoot, and administer the platform, including the authentication and authorization of the administrators’ access.

This training is worth 26 Continuing Education (CE) credits toward recertification.

Course Objectives

After completing this course you should be able to:

  • Explore the Cisco Nexus Dashboard platform 
  • Explain Cisco Nexus Dashboard licensing options, cluster connectivity, GUI, software stack, roles, permissions, tech support, troubleshooting, and installation procedure for adding applications 
  • Perform Cisco Nexus Dashboard firmware upgrades 
  • Configure Cisco Nexus Dashboard remote authentication 
  • Monitor Cisco Nexus Dashboard resources 
  • Describe Cisco Nexus Dashboard Fabric Controller (NDFC) and its dashboards 
  • Explore the Data Center with Cisco NDFC topology, including customizable templates, deployment, existing network devices, Virtual eXtensible Local Area Network (VXLAN) Ethernet Virtual Private Network (EVPN), Representational State Transfer (REST) Application Program Interface (API), migration, and image, license, and network management 
  • Describe enhanced Role-Based Access Control (RBAC) for fabric objects 

Course Content

Cisco Nexus Dashboard Platforms

  • The need for Day-2 Operations Tools
  • Cisco Nexus Dashboard Insights Application Use Cases
  • Cisco Nexus Dashboard Orchestrator Application Use Cases
  • Cisco Nexus Dashboard Fabric Controller Application Use Cases
  • Cisco Nexus Dashboard Data Broker Application Use Cases
  • Physical and Virtual Cisco Nexus Dashboard Platforms
  • Cisco Nexus Dashboard Cluster Node Roles
  • Deployment and Placement of Nodes Across Sites
  • Cisco Nexus Dashboard One View

Cisco Nexus Dashboard Licensing Options

  • Cisco Nexus Dashboard Licences
  • Licensing the Cisco Nexus Dashboard

Cisco Nexus Dashboard Cluster Connectivity

  • Cisco Nexus Dashboard Logical Network Connectivity
  • Physical Cisco Nexus Dashboard Cluster Connection
  • IP Pools for Services Configuration
  • Connection Mode Comparison

Cisco Nexus Dashboard GUI Overview

  • One View
  • Admin Console
  • Sites Menu
  • Services Menu
  • System Resources Menu
  • Operations and Infrastructure Menus
  • Administrative Menu

Cisco Nexus Dashboard Software Stack

  • Cisco Nexus Dashboard Software Stack

Cisco Nexus Dashboard Installation Procedures

  • User Interface Bootstrap
  • Node registration
  • Connection to Cisco Intersight
  • Onboarding Sites

Cisco Nexus Dashboard Firmware Upgrades

  • Firmware Upgrade Prerequisites and Guidelines
  • pND Platform Upgrade
  • vND Platform Upgrade

Application Installation on Cisco Nexus Dashboard

  • Installation from the App Store
  • Installation Using a Downloaded Application Package

Cisco Nexus Dashboard Roles and Permissions

  • User Roles Configuration
  • Adding a Local User

Cisco Nexus Dashboard Remote Authentication

  • Remote Authentication Configuration

Cisco Nexus Dashboard Resource Monitoring

  • Introduction to Resource Monitoring
  • System Resources Menu
  • Resource Utilization Dashboards

Cisco Nexus Dashboard Tech Support and Troubleshooting

  • Generating a Tech Support Package
  • Using Basic CLI (rescue-user)

Add Sites to Cisco Nexus Dashboard

Explore Cisco Nexus Dashboard

Cisco Nexus Dashboard Fabric Controller Overview

  • Cisco NDFC Overview
  • Cisco NDFC Features
  • Cisco NDFC Use Cases
  • Cisco NDFC High Availability
  • Cisco NDFC Connectivity
  • Cisco NDFC Automation and REST APIs

Cisco Nexus Dashboard Fabric Controller Dashboards

  • Dashboard Overview
  • Endpoint Locator Dashboard
  • VM Dashboards

Data Center Exploration with Cisco NDFC Topology

  • Topology Window
  • LAN Fabrics
  • LAN Credential Management
  • LAN Switches

Cisco NDFC Customizable Templates

  • Customizable Templates
  • Using Templates in Cisco NDFC

Image Management Using Cisco NDFC

  • Image Management Overview
  • Upgrading Switches with New Images

License Management Using Cisco NDFC

  • Licensing of Cisco NDFC Fabrics
  • License Management in Cisco NDFC

Enhanced RBAC for Fabric Objects

  • Cisco NDFC Role-Based Access Contol
  • Cisco NDFC Roles
  • Enhanced RBAC Use Cases
  • Cisco NDFC Integration with External AAA

Explore Cisco Nexus Dashboard Fabric Controller

Manage the Network with Cisco NDFC

Deploying Cisco Nexus Dashboard Fabric Controller

  • Cisco NDFC Form Factors
  • Cisco NDFC Deployment and Connectivity Options
  • Co-Hosting Cisco NDI and Cisco NDFC

Discovering Network Devices with Cisco NDFC

  • Configuring Switches for Discovery
  • Using Cisco NDFC to Discover Network Devices

Deploy VXLAN EVPN with Cisco NDFC

  • VXLAN Overlays and Underlays
  • Data Center VXLAN EVPN Fabric Underlay Model
  • Configuration Policy
  • Configuration Compliance
  • Deploy vPCs Fabric Peering
  • Fabric Recalculate and Deploy Diffs and Configuration Troubleshooting

Managing and Monitoring the Data Center with Cisco NDFC

  • Deploying changes to the Fabric
  • Enabling Freeform Switch Config
  • Fabric Builder for VXLAN EVPN Fabrics
  • Adding Switches to Fabric with POAP
  • MSD VXLAN EVPN Fabric Creation
  • EBGP Peering Session from Fabric
  • Border Gateway Setup as Part of MSD
  • Backup and Restore Fabric Configurations
  • Create Programmable Reports
  • Alarms, Alerts and Monitoring Health

Cisco Nexus Dashboard Fabric Controller REST API

  • Exploring APIs for Network Management
  • REST, JSON and Postman
  • Cisco NDFC REST API
  • Automating Cisco NDFC with Ansible

Cisco Data Center Network Manager to Cisco NDFC Migration

  • Migration Guidelines and Prerequisites
  • Backing Up a Csico DCNM Configuration with Upgrade Tool
  • Migrating a Cisco DCNM Configuration to Cisco NDFC
  • Post-Migration Steps

Configure and Execute Cisco NDFC POAP

Configure VXLAN with a BGP Control Plane

Labs:

  • Discovery Lab 1: Connect Sites to Cisco Nexus Dashboard
  • Discovery Lab 2: Explore Cisco Nexus Dashboard
  • Discovery Lab 3: Explore Cisco Nexus Dashboard Fabric Controller
  • Discovery Lab 4: Manage the Network with Cisco NDFC
  • Discovery Lab 5: Configure and Execute Cisco NDFC POAP
  • Discovery Lab 6: Configure VXLAN with a BGP Control Plane

Course Overview

INCVDO, Cisco CyberVision Deployment and Operation, is a 3-day instructor-led course. Security is every enterprise’s top priority in today’s connected world and keeping enterprise architecture secure will protect business values and outcomes. Thus, a critical element to the success of any network is ensuring and maintaining security – it’s a need that is applicable to all networks and network devices, including those that power Cisco Internet of Things technologies and solutions. In an effort to simplify cybersecurity and increase device visibility within systems utilized by our IoT customers and partners, Cisco introduces Cisco Cyber Vision – a software cybersecurity solution for Operations Technology (OT). This course uses Cisco Validated Designs (CVD) to build a foundational understanding of the potential security threats impacting todays IoT Extended Enterprise and IT – OT integration using Cyber Vision. The goal of this course is to help the student understand the types of attacks, the types of targets and the tools available to protect the Industrial IoT architecture and to use Cyber Vision to keep the IoT infrastructure safe. Practical skills will be achieved using real-world scenarios and examples in a lab developed for such a purpose.

Course Objectives

After completing this course you should be able to:

  • Explain the common vulnerabilities in the IoT deployments.
  • Explain the cybersecurity approach for IoT architectures.
  • Define the Cyber Vision main concepts.
  • Describe Cyber Vision solution portfolio.
  • Describe and use the Cyber Vision GUI.
  • Identify and explain Cyber Vision Installation and Support procedures.
  • Define Cyber Vision Assessment.
  • Identify Cyber Vision Assessment components.
  • Explain and use Cyber Vision Asset solution.
  • Describe and use Cyber Vision API for Automation.
  • Identify Cyber Vision use cases.

Course Content

Lesson 1: Industrial Internet of Things Security Threats

  • Describe security threats and potential impacts on the network
  • Understand the security challenges faced by the IIoT staff on a daily basis
  • Explain why Cisco Validated Designs lead to a more secure infrastructure
  • Describe security threats in the Extended Enterprise network

Lesson 2: Introducing Cyber Vision

  • Cybersecurity overview in IIoT deployments
  • Cyber Vision overview
  • Cyber Vision solution components
  • Cyber Vision installation procedure

Lesson 3: Cyber Vision Concepts

  • Preset
  • Filters
  • Component
  • Activity
  • Flow
  • Time span
  • Tags
  • Properties
  • Vulnerabilities
  • Events
  • Credentials
  • Variable accesses

Lesson 4: Cyber Vision GUI Exploration

  • General Dashboard
  • Preset Views
  • Panels
  • Reports
  • Events
  • Monitor
  • Search
  • Admin
  • Systems Statistics
  • My Settings

Lesson 5: Cyber Vision Operation

  • Using General Dashboard
  • Explore Preset Views and Panels
  • Examine and generate Reporting features
  • Working with Events, Alerts and Audits.
  • Using Monitor Mode and its Views
  • Describing and Exploring Monitor Mode Differences
  • Creating Baselines from default preset and from groups
  • Defining with Weekend Baselines
  • Enabling and using Baselines
  • Cyber Vision Use Cases
  • Administering Cyber Vision System and Data Management
  • Cyber Vision Center and Sensors general administration
  • Administering Users
  • Administering Events
  • Administering Licensing
  • Working with RBAC and LDAP Settings
  • Exploring and using Cyber Vision API
  • Cyber Vision Context Information Exchange with pxGrid
  • IDS functionality with SNORT
  • Cyber Vision Integrations and Extensions
  • Working with My Settings

Labs:

  • Lab 1: Explore Overall system architecture
  • Lab 2: Work with Asset and flow visibility
  • Lab 3: Work with Organization and viewing data in the system
  • Lab 3: Use System events to quickly identifying changes in the environment
  • Lab 4: Generate Reports for compliance and tracking
  • Lab 5: Quickly identify vulnerabilities
  • Lab 6: Use Role Based Access Control
  • Lab 7: Configure Syslog Integrations (SIEM)
  • Lab 8: Explore Cisco Cyber Vision operation and upgrade
  • Lab 9: Configure dashboard for auto-login to CV
  • Lab 10: Configure and use Packet replay and capture

Course Overview

This course teaches you the fundamental skills necessary to configure and manage modern, open standards-based networking solutions using Aruba’s OS-CX routing and switching technologies. This course consists of approximately 60% lecture and 40% hands-on lab exercises to help you learn how to implement and validate small to medium enterprise network solutions. This 5-day course prepares network professionals for the Aruba Certified Switching Associate exam.

In this course, participants learn about ArubaOS-CX switch technologies including: Virtual Local Area Networks (VLANs), secure access using features like dynamic segmentation, redundancy technologies such as Multiple Spanning Tree Protocol (MSTP), link aggregation techniques including Link Aggregation Control Protocol (LACP), and switch virtualization with Aruba’s Virtual Switching Framework (VSF). You also learn about IP Routing including static and dynamic IP routing with Open Shortest Path First (OSPF).

Course Objectives

After you successfully complete this course, expect to be able to:

  • Network Fundamentals
  • Review Aruba Switching portfolio
  • ArubaOS-CX Network Operating System
  • VLANs
  • Spanning Tree Protocol
  • VRRP
  • Link Aggregation
  • IP Routing
  • Subnetting
  • OSPFv2 – Single Area
  • Stacking using VSF
  • Secure Management and Maintenance
  • Aruba NetEdit

Course Content

After you successfully complete this course, expect to be able to:

  • Network Fundamentals
  • Review Aruba Switching portfolio
  • ArubaOS-CX Network Operating System
  • VLANs
  • Spanning Tree Protocol
  • VRRP
  • Link Aggregation
  • IP Routing
  • Subnetting
  • OSPFv2 – Single Area
  • Stacking using VSF
  • Secure Management and Maintenance
  • Aruba NetEdit

Too much information 

Course Content

Top 

Network Fundamentals

  • What is a network?
  • What is a Protocol?
  • OSI Reference Model
  • Encapsulation, frames, packets, segments
  • Layer 2 to Layer 7 headers
  • Media, cabling, Ethernet/wifi headers
  • Binary/Hex/Decimal theory and conversion
  • TCP/IP Stack (IP addressing & Transport Protocols TCP/UDP)
  • Types of traffic: Unicast, Broadcast, Multicast

TCP/IPStack

  • Overview
  • Ethernet frames
  • IPv4 Header
  • TCP Header – Three-way Handshake
  • TCP Header – Sequence Numbers
  • TCP Header – Port Numbers
  • TCP Header
  • UPD Header

Basic Networking with Aruba Solutions

  • Networking devices: Switches, Routers, Multilayer Switches, APs, Mobility Controllers, Firewalls, Servers (HTTP, DHCP, DNS, Telnet, FTP)
  • 2-Tier vs 3-Tier hierarchy
  • Switching Portfolio (AOS switches & AOS-CX switches)is this introducing both portfolio on a couple of slide and few slides on AOS-CX hardware architecture, software architecture and intro to NAE high level.
  • Introduction to AOS-CX and feature set
  • Port numbering
  • Accessing Aruba OS-CX CLI
  • Prompt modes/levels and navigation
  • Context sensitive help
  • Show logs, configuration, interfaces, transceivers, flash, version
  • Hostname/interface name, enabling interfaces
  • Link Layer Discovery Protocol
  • ICMP and reachability testing tools: Ping and Traceroute
  • PoE (standards one slide and what we support and one or two slide on configuration and verifications.)

VLANs

  • Broadcast/collision domains
  • VLAN benefits
  • VLAN creation
  • DHCP serverconfiguration in switches (optional)
  • 802.1Q tagging
  • Switchports vs. Routed ports
  • MAC address table
  • ARP table
  • Packet Delivery part 1

Spanning Tree Protocol

  • Redundant network
  • L2 loops
  • 802.1D
  • Common Spanning Tree
  • 802.1s
  • 802.1w overview
  • 802.1w load balancing
  • 802.1w region configuration

Link Aggregation

  • Static Aggregation
  • LACP
  • Load Balancing

IPRouting – Part 1

  • Default Gateway
  • DHCP IP Helper Address
  • IP Routing Service
  • Inter-VLAN routing
  • Packet Delivery Part 2
  • Need for layer 3 redundancy
  • Introduction to VRF

VRRP

  • VRRP overview
  • VRRP basic operation
  • VRRP failover and preempt
  • VRRP and MSTP coordination

IPRouting – Part 2

  • Subnetting
  • CIDR
  • Static routes
  • Administrative Distance
  • Floating routes
  • Scalability issues

IPRouting – Part 3

  • IGP vs EGP
  • Distance Vector vs Link State
  • OSPF Router-ID and Hello Messages
  • Passive interfaces
  • States
  • DR and BDR
  • LSDB: LSA 1 and 2
  • Path selection and convergence
  • Using cost to manipulate routes

Stacking

  • Control Plane, Management Plane, and Data Plane
  • Introduction to Stacking technologies
  • Stacking Benefits
  • Centralized control and management plane
  • Distributed Data Plane and Distributed Link Aggregation
  • VSF
  • VSF requirements
  • VSF Link and member roles
  • VSF member IDs and port numbers
  • VSF Configuration
  • VSF Provisioning use cases
  • Tracing Layer 2 traffic: Unicast
  • Tracing Layer 2 traffic: Broadcast, Multicast, and Unknown Unicast
  • VSF Failover and OSFP Graceful-Restart
  • VSF Link failure without MAD
  • MAD
  • VSX Introduction

Secure Management and Maintenance

  • OOBM port
  • Management VRF
  • Secure Management Protocols: AAA, SSH, HTTPS, RBAC
  • Radius-based management auth (VSA)
  • SNMP
  • Web interface
  • Configuration file management (Backup, restore, checkpoint and roll back)
  • Operating System image management (backup and restore)
  • Factory default/password recovery

AOS-CX Management tools

  • Intro to NetEdit
  • NetEdit installation
  • Basic monitoring with NetEdit
  • AOS-CX Mobile App

Course Overview

The Aruba Network Security Fundamentals course covers foundational security concepts and prepares candidates to take the exam to achieve Aruba Certified Networking Security Associate (ACNSA) certification. The course describes common security threats and vulnerabilities and provides an overview of important security technologies. It teaches how to create a trusted network infrastructure with Aruba mobility solutions and switches.  In addition to discussing device hardening, the course discusses implementing security at the edge with AAA, basic roles and firewall policies, dynamic segmentation, and endpoint classification. The course will further explain basic threat detection technologies and how to collect logs and alarms and use them to initiate an investigation.

Course Objectives

After you successfully complete this course, expect to be able to:

1- Protect and Defend

  • Define security terminology
  • Harden devices
  • Secure a WLAN
  • Secure a wired LAN
  • Secure the WAN
  • Classify endpoints

2- Analyze

  • Threat detection
  • Troubleshooting
  • Endpoint classification

3- Investigate

  • Forensics

Course Content

Security Threats and Aruba Security Strategy

  • Threats Overview
  • Attack Stages
  • Aruba Security Strategy 

Security Technologies

  • Regulatory Compliance
  • Secure Communications: Symmetric Encryption and Hash-Based Authentication
  • Secure Communications: Asymmetric Encryption and Digital Certificates
  • Secure Communications: TLS
  • Authentication, Authorization, Accounting (AAA)

Harden Aruba Switches

  • Hardening Overview
  • Set Up Out-of-Band Management
  • Authenticate Managers Securely
  • Ensure Physical Security and Other Hardening Actions

Harden ArubaOS Wireless Devices

  • Lock Down Administrative Access
  • Lock Down Services
  • Use CPSec

Enhance LAN Security

  • Spanning Tree Protections
  • DHCP Snooping and ARP Protection
  • Secure Routing Technologies

Network Authentication Technologies

  • Network Authentication
  • WLAN Security—Encryption + Authentication

Enforce Edge Security with an Aruba Infrastructure

  • Enforce WPA3-Enterprise
  • Enforce 802.1X on the Wired Network

Enforce Role-Based Authentication and Access Control

  • Aruba Role-Based Firewall Policies
  • Dynamic Segmentation

Identify and Classify Endpoints

  • Endpoint Classification Introduction
  • DHCP Fingerprinting with ArubaOS Mobility Devices
  • Aruba ClearPass Policy Manager Device Profiler
  • ClearPass Device Insight

Branch Security

  • Introduction to Aruba SD-Branch Solutions

Implement Threat Detection and Forensics

  • Understand Forensics
  • Analyze ArubaOS WIP Events

Troubleshoot and Monitor

  • Introduction to Troubleshooting Authentication Issues
  • Using ClearPass Tools to Troubleshoot Some Common Issues
  • Packet Captures
  • Monitoring

Course Overview

This course provides foundational skills in network access control using the Aruba ClearPass product portfolio. The course includes both instructional modules and labs to teach participants about the major features in the ClearPass portfolio. Participants learn how to setup ClearPass as an AAA server and configure the Policy Manager, Guest, OnGuard and Onboard feature sets. In addition, the course covers integration with external Active Directory servers, monitoring and reporting, as well as deployment best practices. The student gains insight into configuring authentication with ClearPass on both wired and wireless networks.

Course Objectives

Upon successful completion of this course, students should be able to: 

• Implement a ClearPass network access solution 

• Design and apply effective services and enforcement in ClearPass 

• Troubleshoot a ClearPass solution 

Course Content

Aruba ClearPass Configuration | H37YRS (hpe.com)

Course Overview

This course prepares participants with foundational skills in Network Access Control using the ClearPass product portfolio. This course includes both instructional modules and labs to teach participants about the major features of the ClearPass portfolio. Participants will learn how to set up ClearPass as an AAA server, and configure the Policy Manager, Guest, OnGuard and Onboard feature sets. In addition, this course covers integration with external Active Directory servers, Monitoring and Reporting, as well as deployment best practices. The student will gain insight into configuring authentication with ClearPass on both wired and wireless networks.

Course Objectives

After you successfully complete this course, expect to be able to:

  • Design a ClearPass cluster
  • Design a High availability solution with Virtual IP address following the best practices
  • Describe Public Key Infrastructure and certificate format types
  • Plan the certificates used by ClearPass
  • Explain how Enrollment over Secure Transport can automate the certificate generation process
  • Leverage RADIUS services to handle corporate wireless connections
  • Deploy WEBAUTH services to handle health checks
  • Describe the proposed RADIUS services that handles guest wireless connections
  • Explain general guest considerations
  • Design guest RADIUS services
  • Describe the proposed Onboard services
  • Describe the MPSK feature
  • Leverage these features in your deployment
  • Plan a successful wired access deployment
  • Provide administrative access control to ClearPass modules and NADs
  • Generate custom reports and alerts

Course Content

Network Requirements

  • ClearPass Goals
  • Network Topology
  • List of available resources
  • Scenario Analysis
  • Authentication requirements
  • Multiple user account databases
  • User Account attributes
  • High Level Design

PDI and Digital Certificates

  • Certificate Types
  • PKI
  • Certificate Trust
  • Certificate File Formats
  • ClearPass as CA
  • Certificate Use cases:
    • EAP
    • HTTPS
    • Service-based certificates
    • Onboarding
    • Clustering
    • RadSec
    • NAD Captive Portal
  • Installing Certificates
  • Enrollment over Secure Transport

Cluster Design

  • ClearPass Server Placement
  • Determine the layout of the Cluster
  • High-Availability Schema
  • Design High-Availability
  • VIP Failover
  • VIP Mapping
  • Insight Primary and Secondary

Network Integration

  • Authentication Sources
    • Local User Repository
    • Endpoint Repository
    • Admin User Repository
    • Guest User Repository
    • Guest Device Repository
    • Onboard Device Repository
    • Active Directory
    • SQL Server
  • Define External Servers
    • Unified Endpoint Management
    • Email Server
  • Endpoint Profiling
    • IF-MAP
    • Active Scans (SNMP)
    • DHCP
    • HTTPS
  • Network Devices
    • RadSec
    • Dynamic Authorization
    • Logging of RADIUS Accounting
    • Device-groups
    • Location Attributes
  • Policy Simulation

Corporate Access Design

  • Define the Requirements
  • High-level design
  • Services Design
  • Plan TIPs Roles
  • User Authentication
  • Machine Authentication
  • Tunneled EAP, EAP-TLS and Protected EAP
  • One versus Multiple Services
  • Plan Enforcement
  • Device-groups based Enforcement
  • Service Implementation
  • OnGuard Design and implementation
    • Quarantine users
    • Remediation
  • Onboard Design and implementation
    • User and device authorization
  • Informational Pages
  • Authorization validation
  • Troubleshooting Enforcement
  • Downloadable Roles 

Guest Access Design

  • Guest Network Design
  • Captive Portal Flow
  • Design Tasks
  • Define Web Pages
  • Guest Services Design
  • Guest Services
  • Guest Access Controls
  • Configure Network Access Devices
  • Guest Account Creation
  • Guest Self-Registration
  • Guest Sponsor Approval
  • Self-Registration AD Drop-Down List
  • Requirements for Guest Enforcement

Multi-Pre Shared Key

  • Define the Requirements
  • High-level design
  • Device authorization
  • Service Design and implementation

Wired Access

  • AAA configuration
  • 1X and MAC auth
  • Using client profiling for authorization
  • Using conflict attribute for authorization
  • User Roles configuration in ArubaOS-S
  • User Roles configuration in ArubaOS-CX
  • Web Redirection
  • Multi-Service Ports
  • Downloadable User Roles Enforcement Profiles
  • Downloadable User Roles Configuration and Validation

Administrative Access

  • TACACs+ based NAD administration
  • TACACs+ command Authorization
  • Policy Manager Administrators
  • Guest and Onboard Operators
  • Register devices for MPSK
  • Insight Operators
  • Insight Reports and Alerts