Search
Cisco SD-Access Workshop (SDA-PWA3)
-
Overview
Description, Pre requisites -
Content
Lessons, Course Structure
Cisco SD-Access Workshop (SDA-PWA3) workshop teaches you how to implement simple, single-site fabric networks through a combination of lectures and labs.
You will learn the benefits of leveraging Software-Defined Access in the Cisco-powered Enterprise Campus network. SDAFND will introduce the solution, its architecture and components, and guide you through labs to design and deploy simple Cisco SD-Access networks.
How you’ll benefit
This course will help you:
- Deploy Cisco SD-Access networks
- Explain Cisco Software-Designed Access
- Operate, manage, and integrate Cisco DNA Center™
Who should enroll
- Field engineers
- Network engineers
- Network administrators
- System engineers
Objectives
After taking this course, you should be able to:
- Describe Cisco SD-Access architecture and its components
- Explain Cisco DNA Center deployment models, scaling, and high availability
- Identify Cisco SD-Access fabric protocols and node roles
- Understand the Cisco SD-Access Wireless deployment models
- Automate Day 0 device onboarding with Cisco DNA Center LAN Automation and Network PnP
- Deploy simple Cisco SD-Access fabric networks
- Monitor health and performance of the network with Cisco DNA Center Assurance
- Interact with the Cisco DNA Center Platform Intent APIs
Prerequisites
To fully benefit from this course, you should have the following knowledge and skills:
- CCNP® level core networking knowledge
- Ability to use Windows and Linux CLI tools such as ping, SSH, or running scripts
These are the recommended Cisco offerings that may help you meet these prerequisites:
- Implementing and Administering Cisco Solutions (CCNA®) v1.0
- Implementing Cisco Enterprise Network Core Technologies (ENCOR) v1.1
Duration:
3 days
Day 1:
Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)
- Understanding Cisco Intent-Based Networking
- Understanding Cisco SDA Use Cases customer’s benefits including business and technical outcomes and capabilities
- Cisco DNA Center Introduction
- SD-Access Overview
- SD-Access Benefits
- SD-Access Key Concepts
- SD-Access Main Components
- Fabric Control Plane Node
- Fabric Border Node
- Fabric Edge Node
- Fabric Wireless LAN Controller and Fabric Enabled Access Points
- Cisco DNA Center Automation
- Cisco ISE (Policy)
- DNA Center Assurance
Module 2: Deployment and Initial setup for the Cisco DNA-Center
- Cisco DNA-Center Appliances
- Cisco DNA-Center Deployment Models
- Single Node Deployment
- Clustered Deployment
- Installation Procedure
- Initial Setup and Configuration
- GUI Navigation
Module 3: SDA – Design
- Network design options
- Sites
- Creating Enterprise and Sites Hierarchy
- Configuring General Network Settings
- Loading maps into the GUI
- IP Address Management
- Software Image Management
- Network Device Profiles
- AAA
- SNMP
- Syslog
- IP address pools
- Image management
- Creating Enterprise and Guest SSIDs
- Creating the wireless RF Profile
- Cresting the Guest Portal for the Guest SSIDs
- Network profiles
- Authentication templates
Day 2:
Module 4: SDA – Policy
- 2-level Hierarchy
- Macro Level: Virtual Network (VN)
- Micro Level: Scalable Group (SG)
- Policy
- Policy in SD-Access
- Access Policy: Authentication and Authorization
- Access Control Policy
- Application Policy
- Extending Policy across domains
- Preserving Group Metadata across Campus, WAN and DC
- Enforcing policy in Firewall domains
- Cross Domain Policies
Module 5: SDA – Provision
- Devices Onboarding
- Lifecycle stages of network device discovery
- Discovering Devices
- Assigning Devices to a site
- Provisioning device with profiles
- Templates
- Templates for day 0
- Templates for day N operations
- IP Transits
- How to connect the Fabric Sites to the external network
- Creating the IP Transit
- Considerations for a SD-Access Border Node Design
- BGP Hand-Off Between Border and Fusion
- Fabric Domains
- Understanding Fabric Domains and Sites
- Using Default LAN Fabric Domain
- Creating Additional Fabric Domains and Sites
- Adding Nodes
- Adding Fabric Edge Nodes
- Adding Control Plane Nodes
- Adding Border Nodes
Day 3:
Module 6: SDA – Assurance
- Overview of DNA Assurance
- Cisco DNA Center Assurance- Use Cases Examples
- Network Health & Device 360
- Client Health & Client 360
- Application Health & Application 360
- Cisco SD- Application Visibility Control (AVC) on DNA-Center
- Proactive troubleshooting using Sensors
Module 7: Cisco SD-Access Distributed Campus Design
- Introduction to Cisco SD-Access Distributed Campus Design – The Advantage?
- Fabric Domain vs Fabric Site
- SD-Access Transits:
- IP-Based Transit
- Cisco SD-Access Transit
- Cisco SD-WAN Transit
- Deploying the Cisco Distributed Campus with SD-Access Transit
- Site considerations
- Internet connectivity considerations
- Segmentation considerations
- Role of a Cisco Transit Control Plane
- Cisco SD-Access Fabric in a Box
- The need for FiaB
- Deploying the FiaB
Module 8: Cisco SD-Access Brownfield Migration
- Cisco SD-Access Migration Tools and Strategies
- Two Basic Approaches:
- Parallel Deployment Approach
- Incremental Deployment Approach
- Integration with existing Cisco ISE in the network – Things to watch out for!
- Choosing the correct Fusion Device
- Existing Core as Fusion
- Firewall as Fusion
- When do you need the SD-Access Layer-2 Border?
- L2 Border – Understanding the requirement
- Designing and Configuring the L2 Border
- L2 Border – Not a permanent solution
Lab Outline:
- ISE basic setup and Navigating GUI
- Configuring TrustSec in ISE
- Connecting and getting familiar with DNA Center GUI
- Performing SD-Access Design Step in DNA Center
- Integrating ISE and DNA Center for Policy Deployment and Enforcement
- Performing SD-Access Policy Step in DNA Center and ISE
- Performing SD-Access Provision Step in DNA Center
- Performing SD-Access Assurance Step in DNA Center
- Integrating WLAN services through SD-Wireless architecture
- Integrate ISE with Active Directory
- Achieving External Connectivity to remote locations through Border Node