Deploying and Administering Cisco’s Digital Network Architecture (DNA) and Intelligent WAN (iWAN) is a 5-day course designed for network administrator and technical personnel involved in designing, implementing, operating and optimizing Wide Area Networks based on Cisco’s Intelligent WAN (iWAN) principles, technologies and features. It enables learners to understand how iWAN solves many challenges related to today’s branch office deployments and what the main components of iWAN are, including Transport Independent WAN connectivity (IPSec DMVPN and MPLS), Intelligent Path Control (with performance routing), Application Optimization (with AVC and WAAS) and Secure Connectivity (Strong encryption, firewalls, CWS).
As part of iWAN deployment, participants will be faced with Application Policy Infrastructure Controller - Enterprise Module or APIC-EM, as a management platform and automation tool. At the beginning of the course, students will review Cisco’s Digital Network Architecture or DNA as open and extensible, software-driven architecture that accelerates and simplifies enterprise network operations. DNA, as a programmable architecture frees IT staff from time-consuming, repetitive network configurations tasks, so they can focus instead on innovation that positively transforms their business. Relationships between DNA and iWAN will be discussed in the course. Labs are built using the latest platform versions and related architecture components including ISR, ASR, IOS XE, WAVE, vWAAS, APIC-EM, AppNav, etc.
Learn more about what to expect from this Cisco training course as well as more about Cisco iWAN design from NterOne by reading below.
Prerequisites:
The knowledge and skills that a learner should have before attending this course are as follows:
- Knowledge level equivalent to Cisco CCNA Routing & Switching (CCNP Preferred)
- Basic to intermediate Knowledge on tunnels, VPN’s and DMVPN
- A good understanding of QoS basics
- Basic knowledge and experience with Cisco IOS, IOS XE and CLI
- Basic knowledge on device and network virtualization
Course Objectives:
Upon completing this course, the learner will be able to meet these overall objectives:
- Know and understand Cisco’s Digital Network Architecture concepts, features, benefits, terminology and main components, and the way this architecture innovates common administrative tasks on today’s networks.
- Understand today’s Brach Office challenges and how iWAN helps to solve them.
- Describe four main pillars and components of Cisco Intelligent WAN (iWAN).
- Explain Transport Independent Design, the various connectivity options and the way they are configured.
- Understand Intelligent Path Control, explaining how performance routing is different from traditional destination based routing, routing protocol support and configuration tasks.
- Describe the importance of Application Visibility to know behavior, resources usage and performance statistics as a basis for QoS Policy design and deployment.
- Use WAAS for application performance optimization and better WAN resource usage.
- Know main elements to guarantee IWAN Secure Connectivity, including Strong Encryption, Zone based Firewall and CWS.
- Understand how Cisco’s APIC-EM helps administrator automate deployment, administration and compliance checking for network policies end-to-end, hiding complexity of managing individual network devices.
Module 1: Cisco’s Digital Network Architecture (DNA)
- Overview
- Benefits
- Guiding Principles
- Main Components and Functions
- DNA Automation and Management: APIC-EM
- DNA Virtualization: NFV and Cisco IOS XE
- DNA Analytics: CMX
- DNA Security: TrustSec, ISE, StealthWatch
Module 2: Intelligent WAN (iWAN) General Overview and Main Components
- Today’s branch office challenges
- iWAN as a solution for branch office connectivity
- iWAN’s building blocks
- Transport Independent Design
- Intelligent Path Control
- Application Performance Optimization
- Secure Connectivity
- iWAN Management
Module 3: Implementing Transport Independent Design
- IP Connectivity as transport independent option
- MPLS Connectivity as transport independent option
- IP-MPLS connectivity options for headquarter and branch
- GRE Point to Point and Multipoint tunnels
- DMVPN overview
- DMVPN Phases
- Front Door VRF
- Unicast traffic over DMVPN
- Multicast traffic over DMVPN
- DMVPN sample configurations
Module 4: Implementing Intelligent Path Control with Performance Routing (PfR)
- Performance routing overview
- Device Components and Roles
- Hub Master Controller
- Hub Border Routers
- Transit Master Controller
- Transit Border Router
- Branch Routers
- Differences between PfRv2 and PfRv3
- PfR Policies
- Enterprise Domain Provisioning
- Topology Discovery
- Collecting Performance Metrics
- Path Enforcement
- Enterprise Deployment
- Monitoring (site prefixes, traffic classes, load balance)
Module 5: Implementing AVC for Application Visibility and Adding Hierarchical QoS (HQoS)
- Collecting Performance Metrics
- Collecting Traffic Statistics
- Application Response Time
- Media Monitoring
- Netflow and IPFIX
- Adding Hierarchical Quality of Service (HQoS)
Module 6: Cisco Wide-Area Application Services
- Introducing Cisco WAAS
- Identify Platforms and deployment options
- Implementing Cisco Central Management
- Installing and Configuring the Virtual Environment
- Installing and Configuring Cisco vWAAS
- Configuring Application Traffic Policies
- Configuring Cisco vWAAS Virtualization
Module 7: Cisco APPNAV
- APPNAV overview
- Installing APPNAV Controllers
- APPNAV-XE Controller Configuration
- Monitoring the APPNAV Controller
Module 8: IWAN Secure Connectivity
- Secure Connectivity Overview
- Securing the WAN Transport
- Secure Direct Internet Access
- Full Services Direct Internet Access
- Direct Internet Access Use Case Scenarios
- Cisco Trustsec in Branch
- Secure Connectivity IWAN Customer Scenario
Module 9: Cisco APIC-EM for Management and Automation
- APIC-EM overview
- APIC-EM features and benefits
- APIC-EM supported platforms and software release
- APIC-EM licensing Model
- APIC-EM Hardware&Software requirements (for installation – virtual appliance)
- APIC-EM GUI and navigation
- Main operations
Module 10: Implementing UCS-E and Cloud Connectors
- UCS-E
- Cisco Cloud Connectors
- Third-Party Cloud Connectors
- Cisco Akamai Solutions
- UC/CUBE
Lab Outline
- Familiarizing with lab topology and completing initial setup
- Configuring Transport Independent Design using DMVPN
- Configuring and Performing Application Visibility and reviewing results
- Applying Application Optimization with QoS Controls (HQoS)
- Performing Intelligent Path Control Using PfR
- Installing and Configuring Cisco vWAAS and WAAS Central Manager
- Improving application performance with WAAS
- Managing IWAN with APIC-EM
The primary audience for this course is as follows:
- IP network designers
- IP network administrators
- system engineers
- NOC personnel and technical support personnel involved in IWAN and DNA deployment and administration