EncartaLabs

Enterprise Network Unified Access Essentials (ENUAE)

( Duration: 4 Days )

The Enterprise Network Unified Access Essentials (ENUAE) training course is designed to assure System Engineers will be able to provide technical pre-sales engineering, demonstrate the key Cisco competitive advantages, create a network design against customer specifications, and implement Cisco Unified Access solutions that are comprised of key differentiating components, features, and services. This course presents concepts, wired and wireless platforms, technologies and services that are required for a comprehensive approach to effectively design, manage, and control the access on a Unified Access network.

By attending Enterprise Network Unified Access Essentials (ENUAE) workshop, attendees will learn to:

  • Understand Cisco's "One Policy, One Management, One Network" Unified Access vision and strategy
  • Create a network design from customer specifications
  • Implement the core aspects of Cisco's Unified Access solutions
  • Design and configure the Unified Access wired network foundation
  • Implement Cisco Prime Infrastructure (PI) 2.0 to support network management of the Unified Access infrastructure
  • Implement Cisco Identity Services Engine (ISE) 1.2 to provide a policy foundation for the Unified Access infrastructure
  • Integrate Converged Access switches (3850) and Wireless LAN Controllers (5760) to support wireless and wired Unified Access infrastructure objectives.
  • Secure the Unified Access infrastructure with ISE, SGA and 802.1X
  • Leverage Prime Infrastructure 2.0 for Application Visibility and Control on the Unified Access infrastructure
  • Describe High Availability (HA) solutions on Unified Access networks
  • Perform key Monitoring and Troubleshooting activities and methods
  • Implement a Bring Your Own Device (BYOD) Solution

  • CCNA Wireless and CCNA Routing and Switching certification, or equivalent work experience, as well as foundation-level understanding of 802.1X implementation.

The Enterprise Network Unified Access Essentials (ENUAE) class is ideal for:

  • Network, Security and Wireless Engineers implementing the latest Unified Access technology, including Cisco ISE, Prime Infrastructure, Converged Access wireless infrastructure and the full line of Catalyst switches.

COURSE AGENDA

1

One Network – Building the Wired Foundation

  • Cisco Unified Access Architecture Overview
  • High Availability (HA) Features Implemented in the Unified Access Wired Access Architecture
  • Introduction to Cisco Catalyst Smart Operations
  • Cisco SmartPorts Macros
  • Cisco Smart Install
  • Cisco AutoQoS
  • Cisco Easy Virtual Network (EVN)
2

One Management Foundation: Implementing Prime Infrastructure 2.0

  • Unified management of wired and wireless access, branch, and wide area networks
  • Comprehensive network life cycle management, including user access visibility, inventory, configuration management, plug and play, radio frequency planning, and best practices reporting
  • End-to-end application and service assurance visibility to quickly isolate and troubleshoot performance issues
  • Relational, multidimensional view of users, applications, and network to simplify the diagnostics and remediation of network and service impacting issues
  • Easy deployment and management of Cisco advanced technologies
3

Policy Foundation: Basic ISE AAA Setup and Guest Server Setup for Wired and Wireless Networks

  • Requirements for installing Cisco ISE
  • ISE installation process
  • Overview of Cisco ISE new Setup Assistant, GUI, and features
  • Using the new ISE Setup Assistant for configuration
  • Requirements for configuring Authentication through AD
  • Configuring Authorization Rules Using AD and dACLs
  • Requirements for PI Integration with ISE
  • Configuring integration
  • Configuring Monitor Mode for Wired dot1x
  • Configuring Authentication rules
  • Configuring Downloadable Access Lists (dACLs) based on Policies
  • Configuring Authorization Profiles that include dACLs
4

Wireless Reference Architecture using Various Cisco Wireless LAN Platforms and Prime Infrastructure

  • Wireless Features Overview
  • Radio Resource Management (RRM)
  • Cisco CleanAir
  • Cisco ClientLink Optimization for Mixed-Client Networks Scenarios
  • Cisco AP Stateful Switchover (SSO) HA Solution
  • List of Cisco Secure Wireless LAN Features
  • Use SSIDs for Network Segmentation
  • User Policy Overview Using Prime Infrastructure
  • Implementation of Special Services Using QoS
  • ACLs Configuration on the WLC
  • WLC Dynamic Interfaces and VLAN Configuration
  • Manipulate Authentication Process of the Client
5

Advanced Wireless Features

  • Introduction to Cisco AVC and its benefits
  • Cisco VideoStream Technology
  • Wireless LAN Apple Bonjour Overview
  • Cisco connected Mobile Experience
6

Converged Access Solution

  • Review of Current Deployment Model
  • Converged Access Overview
  • Wireless Features for Converged Access
  • Interoperability concerns in a hybrid network environment
  • Switch Features for Converged Access
  • "One-Policy" using SA-NET and ISE
  • Steps for Migration
  • Using PI to configure 5760 for deployment
  • Configuring the 5760 as the Mobility Controller
  • Implementing the 3850 in a Converged Access network through PI
  • Establishing policies in ISE for clients connecting to Converged Access networks
  • Configuring Identity Control Policies for Session Aware Networking
7

Securing Any Access

  • Implementing Authentication for BYOD through ISE
  • BYOD On-boarding through ISE
  • Using Auto SmartPort Macros for BYOD
  • Profiler Service Overview
  • ISE Profiler with IOS Device Sensor
  • Overview Security Group Access in ISE
  • Group Access requirements for BYOD
  • At CLI, Configuring the NADs to support SGA and SXP
  • Configuring Security Group Tagging (SGT) in the wired and wireless infrastructure
  • Overview of Identity Port Mapping? (IPM)
  • AT ISE: Configuring SGT eXchange Protocol (SXP) for wired and wireless environment
  • Configuring Security Groups, SGACLs, and Security Group Matrix
8

SmartOperations

  • EEM Overview
  • EEM Configuration on Catalyst Series Switches
  • Automated Diagnostic Features
  • Cisco Generic Online Diagnostics (GOLD) Overview
  • Understanding IP SLA Benefits
  • Cisco IP SLA Best Practices
9

Application Visibility and Control For Wired Networks

  • Application Visibility and Control Overview
  • Cisco Medianet
  • Cisco Mediatrace
  • Cisco Flexible NetFlow Overview and Implementation
  • Cisco Packet Capture Technologies Wireshark/Mini-protocol analyzer (MPA)
10

Wired and Wireless High Availability Solutions

  • Cisco Catalyst Switch Architecture
  • Stateful Switchover (SSO)
  • Cisco Nonstop Forwarding (NSF) Implementation
  • Cisco Non Stop Routing (NSR)
  • Cisco VSS Solution
  • Cisco Catalyst Switch ISSU Solution
  • WLAN High Availability Features Overview
  • Cisco AP SSO Implementation
  • Power over Ethernet (PoE) Considerations
11

Monitoring and Troubleshooting

  • Monitoring Wired and Wireless network devices with PI
  • Monitoring using ISE Dashboard
  • ISE Alarms
  • Implementing Logging
  • PI monitoring in Troubleshooting
  • Built in Client Troubleshooting tool to Support Step-by-Step Problem Analysis
  • Working with NetFlow (configuring, best practice)
  • Troubleshooting the network with ISE
  • ISE Search Capability
  • Troubleshooting Network Access Issues
  • Using Live Logs for troubleshooting
  • ISE discoverable authentication issues
  • Diagnostic Troubleshooting Tools
  • Cisco ISE Reports
12

Advanced BYOD Solution Wrap-Up

  • Overview of the Any Connect BYOD Experience for Windows 7 PC
  • Implementing AnyConnect
  • Configuring AnyConnect with MACsec and 802.1x supplicant
  • ISE client provisioning
  • ISE Device registration

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 4,000 Modules on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting http://encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top