Detailed Course Outline
Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)
- DNA Introduction
- SD-Access Overview
- SD-Access Benefits
- SD-Access Key Concepts
- SD-Access Main Components
- Campus Fabric
- Wired
- Wireless
 
- Nodes
- Edge
- Border
- Control Plane
 
 
- Campus Fabric
- DNA Center (Controller)
- ISE (Policy)
- StealthWatch (Policy)
- NDP (Analytics and Assurance)
Module 2: SD-Access Campus Fabric
- The concept of Fabric
- Node types
- Fabric Edge Nodes
- Control Plane Nodes
- Border Nodes
 
- LISP as protocol for Control Plane
- Configure LISP for Control Plane
- VXLAN as protocol for Data Plane
- Configure VXLAN for Data Plane
- Virtual Networks (VN)
- Fabric-enabled WLAN
- Fabric Enabled WLC
- Fabric Enabled AP’s
 
- SDA-ready Cisco Catalyst LAN Switches
- Role of Cat9k in Cisco SD-Access solution and deployment models as border, control and edge nodes
Module 3: DNA Center and Workflow for SD-Access
- Introduction to DNA Center
- Workflow for SD-Access in DNA Center
- Design Step overview
- Policy Step overview
- Provision Step overview
- Assurance Step overview
 
- Integration with Cisco ISE for Policy Enforcement
- Integration with Cisco StealthWatch for Policy Enforcement
- Integration with Cisco NDP for Analytics and Assurance
Module 4: Deployment and initial setup for DNA Center
- Requirements
- Deployment Procedure
- Initial Setup
- GUI Navigation
Module 5: Deployment and initial setup for ISE and Integrate with DNA Center
- Introduction to Cisco ISE
- Requirements
- Cisco ISE Deployment Models
- Deployment Procedure
- Initial Setup
- GUI Navigation
- Integration with DNA Center
Module 6: Deploy Netflow Collector and StealthWatch Management Center (SMC)
- Introduction to Netflow and SMC
- Requirements
- Deployment Procedure
- Initial Setup
- GUI Navigation
- Integration with DNA Center / SD Access
Module 7: Implementing Policy Plane using Cisco TrustSec for Segmentation
- Cisco TrustSec phases
- Classification
- Propagation
- Enforcement
 
- Configuring Classification
- Configuring SGT tag propagation
- Configure Enforcement
- Introducing Cisco TrustSec in ISE
- Cisco ISE as controller for Software-defined segmentation (groups and policies)
- Configuring ISE for Dynamic SGT assignment
- Configuring ISE for Static SGT assignment
- Configuring Policy Enforcement
 
Module 8: Cisco StealthWatch Management Console (SMC)
- Configuring Host Groups in the SMC
- Configuring Flexible NetFlow on Cisco Devices
- Verify Netflow Data Collection on SMC
- Configuring Cisco StealthWatch and ISE Integration
Module 9: DNA Center Workflow First Step - Design
- Creating Enterprise and Sites Hierarchy
- Configuring General Network Settings
- Loading maps into the GUI
- IP Address Management
- Software Image Management
- Network Device Profiles
Module 10: DNA Center Workflow Second Step - Policy
- 2-level Hierarchy
- Macro Level: Virtual Network (VN)
- Micro Level: Scalable Group (SG)
 
- Policy Types
- Access Policy
- Access Control Policy
- Traffic Copy Policy
 
- Cross Domain Policies
Module 11: DNA Center Workflow Third Step - Provision
- Devices Onboarding
- Discovering Devices
- Assigning Devices to a site
- Provisioning device with profiles
 
- Fabric Domains
- Understanding Fabric Domains
- Using Default LAN Fabric Domain
- Creating Additional Fabric Domains
 
- Adding Nodes
- Adding Fabric Edge Nodes
- Adding Control Plane Nodes
- Adding Border Nodes
 
Module 12: DNA Center Workflow Fourth Step – Assurance
- Introduction to Analytics
- NDP Fundamentals
- Overview of DNA Assurance
- Components of DNA Assurance
- DNA Center Assurance Dashboard
Module 13: Implementing WLAN in SD-Access Solution
- WLAN Integration Strategies in SD-Access Fabric
- CUWN Wireless Over The Top (OTT)
- SD-Access Wireless (Fabric enabled WLC and AP)
 
- SD-Access Wireless Architecture
- Control Plane: LISP and WLC
- Data Plane: VXLAN
- Policy Plane and Segmentation: VN and SGT
 
Module 14: Implementing Campus Fabric External Connectivity for SD-Access
- Role of Border Nodes
- Types of Border Nodes
- Border
- Default Border
 
- Single Border vs. Multiple Border Designs
- Collocated Border and Control Plane Nodes
- Distributed (separated) Border and Control Plane Nodes
- Configuring Border Nodes
Module 15: SDA Migration Strategies
- Migrate to SD-Access using a quality-assured process, state-of-the-art tools and proven methodologies
- The need for additional planning
- Typical considerations
- Primary Approaches for migration
- Building SD-Access network in parallel and then integrate
- Do incremental migrations of access switches into an SD-Access fabric