434 Plane courses in Cardiff delivered Online

Duration 2 Days 12 CPD hours This course is intended for The primary audience for this course is as follows:Anyone interested in knowing about DNA Center and SD-AccessPersonnel involved in SD-Access Design and ImplementationNetwork Operations team with SD-Access solutionNetwork admin staff that deal with User AccessChannel Partner SEs and other sales supportNetwork Access Control administrationNetwork AdministratorsNetwork ArchitectsNetwork Engineers Overview Upon completing this course, the learner will be able to meet these overall objectives:Know and understand Cisco?s SD-Access concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today?s networks.Differentiate and explain each of the building blocks of SD-Access SolutionExplain the concept of ?Fabric? and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Border Nodes)Describe the role of LISP in Control Plane and VXLAN in Data Plane for SD-Access SolutionUnderstand the role of DNA Center as solution orchestrator and Intelligent GUIBe familiar with workflow approach in DNA Center and its 4 Steps: Design, Policy, Provision and Assurance DNA Center and SD-Access offer Cisco?s next-generation programmable digital network to help automate common network access security features and streamline the redundant, complex configuration required to allow different groups of users access to the network infrastructure. This network security training course allows network administrators to quickly allow differentiated access for end users on the network while allowing the network to react automatically to day zero and other types of attacks. Introduction to Cisco?s Software Defined Access (SD-Access) SD-Access Overview SD-Access Benefits SD-Access Key Concepts SD-Access Main Components SD-Access Campus Fabric The concept of Fabric Node types Fabric Edge Nodes Control Plane Nodes Border Nodes LISP as protocol for Control Plane VXLAN as protocol for Data Plane Concept of Virtual Network Fabric-enabled WLAN DNA Center and Workflow for SD-Access Introduction to DNA Center Workflow for SD-Access in DNA Center Integration with Cisco ISE for Policy Enforcement Integration with Cisco NDP for Analytics and Assurance Relationship with APIC-EM controller DNA Center Workflow First Step - Design Creating Enterprise and Sites Hierarchy Discuss and Demonstrate General Network Settings Loading maps into the GUI IP Address Administration Administering Software Images Network Device Profiles DNA Center Workflow Second Step - Policy 2-level Hierarchy Policy Types ISE Integration with DNA Center Cross Domain Policies DNA Center Workflow Third Step - Provision Devices Onboarding Fabric Domains Adding Nodes DNA Center Workflow Fourth Step ? Assurance Introduction to Analytics NDP Fundamentals Overview of DNA Assurance Components of DNA Assurance DNA Center Assurance Dashboard Implementing WLAN in SD-Access Solution WLAN Integration Strategies in SD-Access Fabric SD-Access Wireless Architecture Sample Design for SD-Access Wireless Campus Fabric External Connectivity for SD-Access Enterprise Sample Topology for SD-Access Role of Border Nodes Types of Border Nodes Single Border vs. Multiple Border Designs Collocated Border and Control Plane Nodes Distributed (separated) Border and Control Plane Nodes

Duration 5 Days 30 CPD hours This course is intended for Security engineer Network engineer Network designer Network administrator Systems engineer Consulting systems engineer Technical solutions architect Network manager Cisco integrators and partners Overview After taking this course, you should be able to: Describe information security concepts and strategies within the network Describe common TCP/IP, network application, and endpoint attacks Describe how various network security technologies work together to guard against attacks Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance Describe and implement web content security features and functions provided by Cisco Web Security Appliance Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console Introduce VPNs and describe cryptography solutions and algorithms Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco Internetwork Operating System (Cisco IOS) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW) Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features Examine various defenses on Cisco devices that protect the control and management plane Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions Describe basics of cloud computing and common cloud attacks and how to secure cloud environment The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco© CCNP© Security and CCIE© Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower© Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch© Enterprise and Cisco Stealthwatch Cloud threat detection features. This course, including the self-paced material, helps prepare you to take the exam, Implementing and Operating Cisco Security Core Technologies (350-701 SCOR), which leads to the new CCNP Security, CCIE Security, and the Cisco Certified Specialist - Security Core certifications. Describing Information Security Concepts* Information Security Overview Assets, Vulnerabilities, and Countermeasures Managing Risk Vulnerability Assessment Understanding Common Vulnerability Scoring System (CVSS) Describing Common TCP/IP Attacks* Legacy TCP/IP Vulnerabilities IP Vulnerabilities Internet Control Message Protocol (ICMP) Vulnerabilities TCP Vulnerabilities User Datagram Protocol (UDP) Vulnerabilities Attack Surface and Attack Vectors Reconnaissance Attacks Access Attacks Man-in-the-Middle Attacks Denial of Service and Distributed Denial of Service Attacks Reflection and Amplification Attacks Spoofing Attacks Dynamic Host Configuration Protocol (DHCP) Attacks Describing Common Network Application Attacks* Password Attacks Domain Name System (DNS)-Based Attacks DNS Tunneling Web-Based Attacks HTTP 302 Cushioning Command Injections SQL Injections Cross-Site Scripting and Request Forgery Email-Based Attacks Describing Common Endpoint Attacks* Buffer Overflow Malware Reconnaissance Attack Gaining Access and Control Gaining Access via Social Engineering Gaining Access via Web-Based Attacks Exploit Kits and Rootkits Privilege Escalation Post-Exploitation Phase Angler Exploit Kit Describing Network Security Technologies Defense-in-Depth Strategy Defending Across the Attack Continuum Network Segmentation and Virtualization Overview Stateful Firewall Overview Security Intelligence Overview Threat Information Standardization Network-Based Malware Protection Overview Intrusion Prevention System (IPS) Overview Next Generation Firewall Overview Email Content Security Overview Web Content Security Overview Threat Analytic Systems Overview DNS Security Overview Authentication, Authorization, and Accounting Overview Identity and Access Management Overview Virtual Private Network Technology Overview Network Security Device Form Factors Overview Deploying Cisco ASA Firewall Cisco ASA Deployment Types Cisco ASA Interface Security Levels Cisco ASA Objects and Object Groups Network Address Translation Cisco ASA Interface Access Control Lists (ACLs) Cisco ASA Global ACLs Cisco ASA Advanced Access Policies Cisco ASA High Availability Overview Deploying Cisco Firepower Next-Generation Firewall Cisco Firepower NGFW Deployments Cisco Firepower NGFW Packet Processing and Policies Cisco Firepower NGFW Objects Cisco Firepower NGFW Network Address Translation (NAT) Cisco Firepower NGFW Prefilter Policies Cisco Firepower NGFW Access Control Policies Cisco Firepower NGFW Security Intelligence Cisco Firepower NGFW Discovery Policies Cisco Firepower NGFW IPS Policies Cisco Firepower NGFW Malware and File Policies Deploying Email Content Security Cisco Email Content Security Overview Simple Mail Transfer Protocol (SMTP) Overview Email Pipeline Overview Public and Private Listeners Host Access Table Overview Recipient Access Table Overview Mail Policies Overview Protection Against Spam and Graymail Anti-virus and Anti-malware Protection Outbreak Filters Content Filters Data Loss Prevention Email Encryption Deploying Web Content Security Cisco Web Security Appliance (WSA) Overview Deployment Options Network Users Authentication Secure HTTP (HTTPS) Traffic Decryption Access Policies and Identification Profiles Acceptable Use Controls Settings Anti-Malware Protection Deploying Cisco Umbrella* Cisco Umbrella Architecture Deploying Cisco Umbrella Cisco Umbrella Roaming Client Managing Cisco Umbrella Cisco Umbrella Investigate Overview and Concepts Explaining VPN Technologies and Cryptography VPN Definition VPN Types Secure Communication and Cryptographic Services Keys in Cryptography Public Key Infrastructure Introducing Cisco Secure Site-to-Site VPN Solutions Site-to-Site VPN Topologies IPsec VPN Overview IPsec Static Crypto Maps IPsec Static Virtual Tunnel Interface Dynamic Multipoint VPN Cisco IOS FlexVPN Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs Cisco IOS VTIs Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2 VPN Configuration Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW Cisco ASA Point-to-Point VPN Configuration Cisco Firepower NGFW Point-to-Point VPN Configuration Introducing Cisco Secure Remote Access VPN Solutions Remote Access VPN Components Remote Access VPN Technologies Secure Sockets Layer (SSL) Overview Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW Remote Access Configuration Concepts Connection Profiles Group Policies Cisco ASA Remote Access VPN Configuration Cisco Firepower NGFW Remote Access VPN Configuration Explaining Cisco Secure Network Access Solutions Cisco Secure Network Access Cisco Secure Network Access Components AAA Role in Cisco Secure Network Access Solution Cisco Identity Services Engine Cisco TrustSec Describing 802.1X Authentication 802.1X and Extensible Authentication Protocol (EAP) EAP Methods Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications RADIUS Change of Authorization Configuring 802.1X Authentication Cisco Catalyst© Switch 802.1X Configuration Cisco Wireless LAN Controller (WLC) 802.1X Configuration Cisco Identity Services Engine (ISE) 802.1X Configuration Supplicant 802.1x Configuration Cisco Central Web Authentication Describing Endpoint Security Technologies* Host-Based Personal Firewall Host-Based Anti-Virus Host-Based Intrusion Prevention System Application Whitelists and Blacklists Host-Based Malware Protection Sandboxing Overview File Integrity Checking Deploying Cisco Advanced Malware Protection (AMP) for Endpoints* Cisco AMP for Endpoints Architecture Cisco AMP for Endpoints Engines Retrospective Security with Cisco AMP Cisco AMP Device and File Trajectory Managing Cisco AMP for Endpoints Introducing Network Infrastructure Protection* Identifying Network Device Planes Control Plane Security Controls Management Plane Security Controls Network Telemetry Layer 2 Data Plane Security Controls Layer 3 Data Plane Security Controls Deploying Control Plane Security Controls* Infrastructure ACLs Control Plane Policing Control Plane Protection Routing Protocol Security Deploying Layer 2 Data Plane Security Controls* Overview of Layer 2 Data Plane Security Controls Virtual LAN (VLAN)-Based Attacks Mitigation Sp

Duration 2 Days 12 CPD hours This course is intended for This course benefits individuals responsible for configuring and monitoring devices running the Junos OS. Course Level : Junos Layer 2 VPNs (JL2V) is an advanced-level course. Overview Define the term virtual private network. Describe the business drivers for MPLS VPNs. Describe the differences between Layer 2 VPNs and Layer 3 VPNs. List advantages for the use of MPLS Layer 3 VPNs and Layer 2 VPNs. Describe the roles of a CE device, PE router, and P router in a BGP Layer 2 VPN. Explain the flow of control traffic and data traffic for a BGP Layer 2 VPN. Configure a BGP Layer 2 VPN and describe the benefits and requirements of over-provisioning. Monitor and troubleshoot a BGP Layer 2 VPN. Explain the BGP Layer 2 VPN scaling mechanisms and route reflection. Describe the Junos OS BGP Layer 2 VPN CoS support. Describe the flow of control and data traffic for an LDP Layer 2 circuit. Configure an LDP Layer 2 circuit. Monitor and troubleshoot an LDP Layer 2 circuit. Describe the operation of FEC 129 BGP autodiscovery for Layer 2 VPNs. Configure a FEC 129 BGP autodiscovery Layer 2 VPN. Monitor and troubleshoot a FEC 129 BGP autodiscovery for Layer 2 VPNs. Describe the difference between Layer 2 MPLS VPNs and VPLS. Explain the purpose of the PE device, the CE device, and the P device. Explain the provisioning of CE and PE routers. Describe the signaling process of VPLS. Describe the learning and forwarding process of VPLS. Describe the potential loops in a VPLS environment. Configure BGP, LDP, and FEC 129 BGP autodiscovery VPLS. Troubleshoot VPLS. Describe the purpose and features of Ethernet VPN. Configure Ethernet VPN. Monitor and troubleshoot Ethernet VPN. Describe the Junos OS support for hierarchical VPN models. Describe the Junos OS support for Carrier-of-Carriers VPN Option C. Configure the interprovider VPN Option C. Describe the Junos OS support for multisegment pseudowire for FEC 129. Describe and configure circuit cross-connect (CCC). This two-day course is designed to provide students with MPLS-based Layer 2 virtual private network (VPN) knowledge and configuration examples. Course IntroductionMPLS VPNs MPLS VPNs Provider-Provisioned VPNs BGP Layer 2 VPNs Overview of Layer 2 Provider-Provisioned VPNs BGP Layer 2 VPN Operational Model: Control Plane BGP Layer 2 VPN Operational Model: Data Plane Preliminary BGP Layer 2 VPN Configuration BGP Layer 2 Configuration Monitoring and Troubleshooting BGP Layer 2 VPNs Lab: BGP Layer 2 VPNs Layer 2 VPN Scaling and CoS Review of VPN Scaling Mechanisms Layer 2 VPNs and CoS LDP Layer 2 Circuits LDP Layer 2 Circuit Operation LDP Layer 2 Circuit Configuration LDP Layer 2 Circuit Monitoring and Troubleshooting FEC 129 BGP Autodiscovery Layer 2 Circuit Operation FEC 129 BGP Autodiscovery Layer 2 Circuit Configuration FEC 129 BGP Autodiscovery Monitoring and Troubleshooting Virtual Private LAN Services Layer 2 MPLS VPNs Versus VPLS BGP VPLS Control Plane BGP VPLS Data Plane Learning and Forwarding Process Loops VPLS Configuration VPLS Configuration VPLS Troubleshooting Ethernet VPN (EVPN) EVPN Overview EVPN Control Plane EVPN Operation EVPN Configuration EVPN Troubleshooting

WAN training course description A hands on Introduction to Wide Area Networks for engineers. This course covers all current major WAN technologies from a perspective of design, evaluating technologies available as well as hands on to consolidate the theory What will you learn Describe the seven-layer model and realise how it applies to the real world. Evaluate and describe WAN technologies. Describe the architecture of WANs in the core. Use WANS to interconnect LANS. WAN training course details Who will benefit: Technical staff wishing to find out more about how their WAN works. Prerequisites: Intro to data communications & networking Duration 5 days WAN training course contents Introduction LANs, MANS and WANS, protocols, the OSI seven layer model, ITU-T, ETSI, DTE, DCE, and the overall picture. WAN architectures Service providers, core, access, DTE, DCE, CPE, dialup, circuit switched, packet switched, how to choose a WAN, common bandwidths, site to site, remote access. Topologies: Star, Full mesh, partial mesh. History of WANs Before IP was ubiquitous, The PSTN, Dial up networks, modems, ISDN, Stat mux, TDM, 64k, N*64, E1, X25, Frame Relay The role of IP and routers The growth of IP, the role of routers, routing tables, routing protocols. Hands on: IP and routing. Layer 1 Physical Copper, Fibre, Wireless, Microwave, Phone lines, FTTC, FTTH, mobile networks. Service provider technologies The transport plane, SDH, SONET, DWDM. WAN access Phone lines, leased lines, xDSL, WiMax, satellite, the role of PPP. Broadband adband xDSL, ADSL, SDSL, local loops, DSLAM, DSL architecture. ATM Cell switching principles, ATM switching, Virtual paths, QOS, CBR, VBR, ABR, UBR, AAL1 to AAL5, MPOA, LANE, Voice over ATM. The Internet VPNs, IPSEC, QOS. What is MPLS? Core MPLS, MPLS and the 7 layer model, MPLS protocol, MPLS standard, MPLS runs on routers, MPLS history, Why MPLS? MPLS architecture LSRs, PE and P router roles, FEC, swapping labels, MPLS packet format, Loops, TTL control. Ethernet What is Ethernet? LANs, MANs, WANs, Ethernet and switches in the LAN. Traditional LAN/WAN integration, routers. The Ethernet interface for the WAN. Standards: Transporting carrier Ethernet.

Duration 5 Days 30 CPD hours This course is intended for For those seeing to prepare for CCIE Enterprise Infrastructure certification Overview This course will help prepare for CCIE Enterprise Infrastructure certification The new CCIE Enterprise Infrastructure certification program prepares you for today?s expert-level job roles in enterprise infrastructure technologies. CCIE Enterprise Infrastructure now includes automation and programmability to help you scale your enterprise infrastructure. VTP VTP and different versions Pruning EtherChannel LACP Layer 2 and Layer 3 Spanning Protocol 1d, 802.1w, and 802.1s SPAN, RSPAN, and ERSPAN DMVPN All Phases Redundancy: Two Clouds One Hub Two Hubs one Cloud Two hubs two Clouds Running Routing Protocols DMVPN over MPLS EIGRP RD, CD, S, FC, FS, and FD Configuration, and hidden debugging Authentications: MD5, and SHA, Summarization Load Balancing:Equal Cost, Unequal Cost, Add-Path, Filtering, Default Route Injection Optimization: Query Propagation Boundary, IP FRR, STUB routing (All Options) Metric: Classic, Wide Metric Route Tags: Decimal and Dotted-Decimal Notations, OTP OSPFv2 Overview and special cases GRE or Virtual-Links LSAs, FA, and RFCs (1583, 1587, 2328, 3101, 5185 and many more) Best Path Selection Network Types Area Types Optimization: GTSM, LFA, Default Route Injection Authentication: RFC 2328, RFC 5709, Summarization, Filtering BGP States Establishing a Peer Session: Regular method,Peer-Groups,Templates,Best Path Selection Attributes: Weight, AS-Path, Origin, Next-Hop, Local-Preference, Atomic-Aggregate Communities, Aggregator, and MED Load Balancing: Equal Cost,Unequal Cost,Conditional Advertisement,Out/In Bound Route Filtering and the order,ORF,Multihoming Scenarios AS-Path Manipulation: Regexp,Local-as,Allow-as,Remove-Private-as Convergence and Scalability: Route Reflectors,Confederation,Aggregation (All Options) Other BGP Features: MultiPath,Add-Path,Route-Refresh,Soft Reconfiguration IPv6 Acquiring an IPv6 Address: IPv6 General Prefix SLAAC DHCPv6 Rapid-Commit Relay Prefix Delegation IPv6 and DMVPN EIGRPv6 OSPFv3: Both flavors, LSAs, RFCs BGP for IPv6: IPv6 transport, and IPv4 route exchange Transitional Solutions: NAT-PT,6VPE,Multicast,MLD,Static RP,BSR,Embedded RP,IPv6 Traffic Filters,RA Guard,ND Inspection MPLS LDP, VRFs, RD, and RT L3VPNs Route Leaking PE to CE Routing Security Control Plane Policing VACLs Storm Control DHCP Snooping IP Source Guard DAI Private VLANs Port Security Access-lists uRPF Device Tracking IPsec Identity Use Case For FlexVPN: Site-to-Site, IKEv1, and IKEv2 Using Preshared Keys 1x Port Base Authentication : Device Roles,Port States,Authentication Process,Host Modes Network Services FHRP: HSRP, VRRP, and GLBP NAT: Static NAT, and PAT,Dynamic NAT,Policy-Base NAT,VRF-Aware NAT,VASI NAT Software Defined Infrastructure Cisco SD Access: Design a Cisco SD Access solution Underlay network (IS-IS, manual/PnP) Overlay fabric design (LISP, VXLAN, Cisco TrustSec) Fabric domains (single-site and multi-site using SD-WAN transit) Cisco SD Access deployment: Cisco DNA Center device discovery and device management Add fabric node devices to an existing fabric Host onboarding (wired endpoints only) Fabric border handoff Segmentation Macro-level segmentation using VNs Micro-level segmentation using SGTs (using Cisco ISE) Assurance Network and client health (360) Monitoring and troubleshooting Cisco SD-WAN: Design a Cisco SD-WAN solution Orchestration plane (vBond, NAT) Management Plane (vManage) Control Plane (vSmart, OMP) Data Plane (vEdge/cEdge) WAN edge deployment Onboarding new edge routers Orchestration with zero-touch provisioning/PnP OMP TLOC Configuration templates Localized policies (only QoS) Centralized policies Application aware Routing Topologies

Duration 5 Days 30 CPD hours This course is intended for Ideal candidates are IT Professionals who deploy small-to-medium scale enterprise network solutions based on Aruba products and technologies. Overview Network Fundamentals Review Aruba Switching portfolio ArubaOS-CX Network Operating System VLANs Spanning Tree Protocol VRRP Link Aggregation IP Routing Subnetting OSPFv2 - Single Area Stacking using VSF Secure Management and Maintenance Aruba NetEdit Teaches you the fundamental skills necessary to configure and manage modern, open standards-based networking solutions using Aruba's OS-CX routing & switching technologies. This course consists of approximately 60% lecture and 40% hands-on lab exercises Network Fundamentals What is a network? What is a Protocol? OSI Reference Model Encapsulation, frames, packets, segments Layer 2 to Layer 7 headers Media, cabling, Ethernet/wifi headers Binary/Hex/Decimal theory and conversion TCP/IP Stack (IP addressing & Transport Protocols TCP/UDP) Types of traffic: Unicast, Broadcast, Multicast TCP/IP Stack Overview Ethernet frames IPv4 Header TCP Header ? Three-way Handshake TCP Header ? Sequence Numbers TCP Header ? Port Numbers TCP Header UPD Header Basic Networking with Aruba Solutions Networking devices: Switches, Routers, Multilayer Switches, APs, Mobility Controllers, Firewalls, Servers (HTTP, DHCP, DNS, Telnet, FTP) 2-Tier vs 3-Tier hierarchy Switching Portfolio (AOS switches & AOS-CX switches) is this introducing both portfolio on a couple of slide and few slides on AOS-CX hardware architecture, software architecture and intro to NAE high level. Introduction to AOS-CX and feature set Port numbering Accessing Aruba OS-CX CLI Prompt modes/levels and navigation Context sensitive help Show logs, configuration, interfaces, transceivers, flash, version Hostname/interface name, enabling interfaces Link Layer Discovery Protocol ICMP and reachability testing tools: Ping and Traceroute PoE (standards one slide and what we support and one or two slide on configuration VLANs Broadcast/collision domains VLAN benefits VLAN creation DHCP server configuration in switches (optional) 802.1Q tagging Switchports vs. Routed ports MAC address table ARP table Packet Delivery part 1 Spanning Tree Protocol Redundant network L2 loops 802.1D Common Spanning Tree 802.1s 802.1w overview 802.1w load balancing 802.1w region configuration Link Aggregation Static Aggregation LACP Load Balancing IP Routing - Part 1 Default Gateway DHCP IP Helper Address IP Routing Service Inter-VLAN routing Packet Delivery Part 2 Need for layer 3 redundancy Introduction to VRF VRRP VRRP overview VRRP basic operation VRRP failover and preempt VRRP and MSTP coordination IP Routing - Part 2 Subnetting CIDR Static routes Administrative Distance Floating routes Scalability issues IP Routing - Part 3 IGP vs EGP Distance Vector vs Link State OSPF Router-ID and Hello Messages Passive interfaces States DR and BDR LSDB: LSA 1 and 2 Path selection and convergence Using cost to manipulate routes Stacking Control Plane, Management Plane, and Data Plane Introduction to Stacking technologies Stacking Benefits Centralized control and management plane Distributed Data Plane and Distributed Link Aggregation VSF VSF requirements VSF Link and member roles VSF member IDs and port numbers VSF Configuration VSF Provisioning use cases Tracing Layer 2 traffic: Unicast Tracing Layer 2 traffic: Broadcast, Multicast, and Unknown Unicast VSF Failover and OSFP Graceful-Restart VSF Link failure without MAD MAD VSX Introduction Secure Management and Maintenance OOBM port Management VRF Secure Management Protocols: AAA, SSH, HTTPS, RBAC Radius-based management auth (VSA) SNMP Web interface Configuration file management (Backup, restore, checkpoint and roll back) Operating System image management (backup and restore) Factory default/password recovery AOS-CX Management tools Intro to NetEdit NetEdit installation Basic monitoring with NetEdit AOS-CX Mobile App

Duration 2 Days 12 CPD hours This course is intended for Enterprise Network System Installers System Integrators System Administrators Network Administrators Solutions Designers Overview Upon completion of this course, you will be able to: Identify the various components and architecture of the Cisco SD-WAN solution. Deploy vEdge routers in a secure extensible network. Create templates to aide in the deployment and operation of the secure extensible network. Configure and verify overlay routing in the secure extensible network. Create simple policies to control traffic flow in the secure extensible network. The Cisco SD WAN Operation and Deployment (SDWFND) v1.0 is a 2-day, instructor-led, hands-on course that addresses the Cisco SD-WAN Operations and Deployment functions. Cisco SD-WAN is a new technology, this training covers salient features such as zero-touch provisioning, secure network bring-up, configuration using feature templates, configuration of Overlay Management Protocol (OMP) and policies for network traffic management. Module 1: SD-WAN Solution Components Lesson 1: SD-WAN Solution Overview Lesson 2: SD-WAN Components Lesson 3: Managing SD-WAN Components Module 2: Secure Extensible Network Deployment Lesson 1: Secure Control Plane Operation Lesson 2: Secure Control Plane Deployment Lesson 3: Secure Data Plane Operation Lesson 4: Cloud Deployments and Redundancy Module 3: SD-WAN Template Deployment Lesson 1: Templates Overview Lesson 2: Feature Templates Lesson 3: Device Templates Lesson 4: Attaching Devices to Templates Module 4: SD-WAN Overlay Routing Lesson 1: Overlay Routing Overview Lesson 2: OMP Route Advertisements Lesson 3: OMP Route Redistribution and Network Segmentation Lesson 4: Configuring and Verifying Overlay Routing Module 5: SD-WAN Policies and QoS Lesson 1: Policy Overview and Framework Lesson 2: vSmart Policy Operation and Construction Lesson 3: Forwarding and QoS Overview Lesson 4: Configuring and Monitoring QoS Forwarding Lab outline Lab 1: Manage and Monitor SD-WAN Components Lab 2: Deploy and Verify SD-WAN vEdge Routers Lab 3: Deploy SD-WAN Templates Lab 4: SD-WAN Overlay Routing Lab 5: SD-WAN Policies

Telecomms training course description A comprehensive tour of the telecommunications technologies and terminology currently in use, and under development. What will you learn List and describe components of the PSTN. Explain how calls are made over the PSTN Compare analog and digital transmission methods. Describe the technologies within the transport plane. Recognise the benefits of extra features available in today's telephone networks. Telecomms training course details Who will benefit: Anyone new to the Telecommunications industry. Prerequisites: None. Duration 2 days Telecomms training course contents Telephone network architecture Handsets, local loop, distribution points, Local exchanges, main telephone switches, PBXs. Making a call - some basics Telephone call components, how a telephone call works, accessing the local exchange, loop disconnect, DTMF, standards, E.164, PSTN routing, Intelligent Networks, Special Rate Services. Analogue vs Digital Voice characteristics, PSTN bandwidth, analogue signalling, Digital encoding, PCM and the 64k, ADPCM and other voice compression methods. PBXs PABX, Call processing, networking PBXs, PBX facilities, bandwidth, blocking probability and Erlangs, Erlang models, using Erlang tables. Transmission methods Two wire transmission, 64k circuits, Nx64, E1, 2 wire to 4 wire conversion, echo, echo suppression, echo cancellers, twisted pair, coax, fibre optic, power lines, satellite systems, microwave. Signalling Analogue signalling, loop start, earth calling, E&M, AC15. Digital signalling -CAS, robbed bits and E1 slot 16 signalling. Digital signalling CCS, Q.931, SS7, Q.SIG, DPNSS, DASS2. Transport planes PDH, PDH issues, SDH, SDH architecture, SDH standards, SDH bit rates, SDH mulitplexors, DWDM. Networks Circuit Switched Networks, TDM, Packet Switched Networks, Frame Relay, Message Switching, Circuit Switching, STDM, Cell Switching, ATM, ATM cells, ATM traffic parameters, ATM QoS, MPLS. Other network access Modems, modulation, speeds, ISDN, BRI, PRI, xDSL, SDSL, ADSL. Other Services Centrex, VPNs, FeatureNet, CTI, Call Processing Systems, Voice Mail, Automated Attendant Systems, Interactive Voice Response, Call Management Systems, Call Conferencing, Star Services. Mobile communications 3 types of wireless telephone, mobile generations, base stations, cells, GSM, GPRS, 3G, UMTS, WCDMA, 4G, LTE. VoIP overview What is VoIP, VoIP benefits, What is IP? The IP header, Packetising voice, VoIP addressing, H.323, SIP, RTP. Bandwidth requirements.

Essential EVPN training course description Ethernet VPN (E-VPN) and Provider Backbone Bridging E-VPN (PBB-EVPN) are emerging technologies providing Ethernet services over MPLS. This course studies the technologies in E-VPN/PBB-EVPN providing multi-homing, multi pathing, auto discovery, multicast, forwarding and fast convergence. What will you learn Differentiate between E-VPN and PBB-EVPN. Explain how E-VPN operates. Explain how PBB-EVPN operates. Explain how E-VPN provides: Multi homing Multi pathing Auto discovery. Essential EVPN training course details Who will benefit: Network engineers. Staff working for carriers. Prerequisites: Definitive Ethernet switching for engineers Concise MPLS for engineers Duration 2 days Essential EVPN training course contents Introduction to EVPN Network virtualization What Is network virtualization? types of virtual networks, network tunnelling, the consequences of tunnelling, packet load balancing, network interface card behaviour. maximum transmission unit, lack of visibility, VXLAN, protocols to implement the control plane, support for network virtualization technologies, merchant silicon Software, standards. The building blocks of Ethernet VPN A brief history of EVPN, architecture and protocols for traditional EVPN deployment, EVPN in the data center BGP constructs for Virtual networks, address family indicator/subsequent address family indicator, route distinguisher, route target, RD, RT, and BGP processing, route types, modifications to support EVPN over eBGP, keeping the NEXT HOP unmodified, retaining route targets, FRR support for EVPN, automatic propagation of NEXT HOP, RT/RD derivation, what Is not supported in FRR. Bridging with Ethernet VPN An overview of traditional bridging, overview of bridging with EVPN, what Ifs, why does NVE L3 get an advertisement for MACA? handling BUM packets, handling MAC moves, support for dual-attached hosts, the host-switch Interconnect, VXLAN model for dual-attached hosts, switch peering solutions, handling Link failures, duplicate multi-destination frames, ARP/ND suppression. Routing with Ethernet VPN The case for routing in EVPN, routing use cases in the data center, routing models, where is the routing performed? centralized routing, distributed routing, how routing works in EVPN, asymmetric routing, symmetric routing, VRFs in EVPN routing, summarized route announcements, BGP support for EVPN routing, comparing asymmetric and symmetric models, vendor support for EVPN routing. Configuring and administering Ethernet VPN The sample topology, configuration cases, configuring the MTU, the end first: complete FRR configurations, the Invariants: configuration for the spines, firewall, and servers, centralized routing, asymmetric distributed routing, symmetric routing, dissecting the configuration, configuring the underlay, configuring the overlay: FRR configuring the overlay: interfaces, examining an EVPN network, show running configuration, show BGP summary, show EVPN VNIs and VTEPs, identify which VTEP advertised a MAC address, comparing FRR and Cisco EVPN configurations, considerations for deploying EVPN in large networks.

Duration 5 Days 30 CPD hours This course is intended for Experienced system administrators and network administrators Overview By the end of the course, you should be able to meet the following objectives: Describe the NSX Advanced Load Balancer architecture Describe the NSX Advanced Load Balancer components and main functions Explain the NSX Advanced Load Balancer key features and benefits Deploy and configure the NSX Advanced Load Balancer infrastructure within private or public clouds using Write and No-Access Cloud Connectors Explain, deploy, and configure Service Engines Explain and configure local load balancing constructs such as virtual services, pools, health monitors, and related components Explain and configure advanced virtual services and related concepts such as Subject Name Indication, Enhanced Virtual Hosting, and authentication of virtual services Explain and modify application behavior through profiles, policies, and DataScripts Describe Central licensing management using VMware NSX Advanced Load Balancer Enterprise with Cloud services (formerly Avi Pulse) Explain how to configure Role-Based Access Control (RBAC) in NSX Advanced Load Balancer Configure advanced services such as global server load balancing Describe how to use NSX Advanced Load Balancer REST API interfaces and related automation capabilities Describe and configure NSX Advanced Load Balancer application and infrastructure monitoring Gather relevant information and perform basic troubleshooting of applications that use built-in NSX Advanced Load Balancer tooling Identify the key features of VMware NSX Network Detection and Response This five-day, fast-paced course provides comprehensive training to install, configure, and manage a VMware NSX Advanced Load Balancer (Avi Networks) solution. This course covers key NSX Advanced Load Balancer (Avi Networks) features and functionality offered in the NSX Advanced Load Balancer 21.x release. Features include the overall infrastructure, virtual services, application components, global server load balancing, various cloud connectors, application troubleshooting, and solution monitoring. Hands-on labs provide access to a software-defined data center environment to reinforce the skills and concepts presented in the course. Course Introduction Introduction and course logistics Course objectives Introduction to NSX Advanced Load Balancer Introduce NSX Advanced Load Balancer Discuss NSX Advanced Load Balancer use cases and benefits Explain NSX Advanced Load Balancer architecture and components Explain the management, control, data, and consumption planes and their respective functions Virtual Services Configuration Concepts Explain virtual service components Explain virtual service types Explain and configure basic virtual service components such as application profiles and network profiles Virtual Services Configuration Advanced Concepts Explain the virtual service advanced components such as Wildcard VIP, Server Name Identification (SNI), and Enhanced Virtual Hosting (EVH) Explain the concept of virtual service VIP Sharing Explain different authentication mechanisms used for a virtual service such as LDAP, SAML, JSON Web Token, and OAUTH Profiles and Policies Explain application profiles and types such as L4, DNS, Syslog, HTTP, and VMware Horizon VDI Explain and configure advanced application HTTP profile options Describe network profiles and types Explain and configure SSL profiles and certificates Explain and configure HTTP, network, and DNS policies Pools Configuration Concepts Explain pools configuration options Describe the available load balancing algorithms Explain multiple health monitor types Explain multiple Persistence profiles Explain and configure pool groups Modifying Application Behavior Design and apply application solutions by using application profiles Design and apply application solutions by using network, HTTP policies, and DataScripts Explain DataScript fundamentals Explain and use NSX Advanced Load Balancer analytics to understand application behavior Describe and configure client SSL certificate validation Describe and configure virtual service DDoS, Rate limiting, and Throttling capabilities Modify network profile properties such as TCP connection properties Design and apply application solutions by using Persistence profiles NSX Advanced Load Balancer Infrastructure Architecture Explain management, control, data, and consumption planes and functions Describe control plane clustering and high availability Describe controller sizing and process sharing Describe Service Engine CPU and NIC architecture Explain tenants Configure properties of Service Engine groups Explain Service Engine group high availability modes Describe and configure active-standby high availability mode Explain Service Engine placement in multiple availability zones for public clouds Describe and configure elastic HA high availability mode (Active-Active, N+M) Explain Service Engine failure detection and self-healing Describe Service Engine as a router Explain virtual service scale-out options such as Layer 2 (Native), Layer 3 (BGP), and DNS-based Describe how to upgrade NSX Advanced Load Balancer Introduction to Cloud Connector Explain cloud connectors Review cloud connector integration modes List cloud connector types Review the different Service Engine image types in different ecosystems Installing, Configuring, and Managing NSX Advanced Load Balancer in No-Orchestrator Cloud Explain No-Access cloud concepts Configure No-Access cloud integration on bare metal Explain and configure Linux Server Cloud Explain and configure VMware No Orchestrator Describe the advanced configuration options available in bare metal (Linux Server Cloud) Installing, Configuring, and Managing NSX Advanced Load Balancer in VMware Environment: Cloud Configuration Introduce VMware integration options Explain and configure VMware Write Access Cloud Connector Explain NSX Advanced Load Balancer integration options in a VMware NSX environment Explain and configure NSX Cloud Connector for Overlay and VLAN-backed segments AWS Cloud Configuration Describe NSX Advanced Load Balancer public cloud integrations Explain different AWS components Explain and demonstrate AWS public cloud integration Deploy VMware NSX Advanced Load Balancer Controller, SEs, and virtual services in AWS Cloud Review Multi-AZ Support for virtual services in AWS cloud GCP Cloud Configuration Explain different GCP components Explain and demonstrate GCP public cloud integration Deploy NSX Advanced Load Balancer Controller, SEs, and virtual services in GCP cloud Azure Cloud Configuration Describe NSX Advanced Load Balancer public cloud integrations Explain different Microsoft Azure components Explain and demonstrate Azure public cloud integration Deploy NSX Advanced Load Balancer Controller, SEs, and virtual services in Azure Cloud NSX Advanced Load Balancer Enterprise with Cloud Services (Avi Pulse) Describe NSX Advanced Load Balancer public cloud services Explain different features of NSX Advanced Load Balancer Cloud Services Register the controller with Cloud Services DNS Foundations Review, discuss, and explain DNS fundamentals Describe NSX Advanced Load Balancer DNS and IPAM providers Global Server Load Balancing (GSLB) Introduce Global Server load balancing concepts and benefits Explain and configure the NSX Advanced Load Balancer infrastructure Explain and configure the DNS Virtual Service components Explain and configure GSLB Service Engine Group Describe and configure GSLB sites Explain and configure basic GSLB services to include pools and health monitors Describe GSLB Server Load Balancing algorithms Explain and configure health monitors based on data plane and control plane Describe GSLB Health Monitor Proxy Explain GSLB Site-Cookie Persistence Explain the different GSLB replication methods Role-Based Access Control (RBAC) Introduce local authentication in NSX Advanced Load Balancer Introduce remote authentication in NSX Advanced Load Balancer Review the different types of remote authentication Explain granular RBAC using labels NSX Advanced Load Balancer: Troubleshooting Introduce infrastructure and application troubleshooting concepts Describe troubleshooting based on control plane and data plane Explain application analytics and logs Describe client logs analysis Explain headers troubleshooting and packet capture mechanism Describe how to use CLI for detailed data plane troubleshooting Explain Service Engine logs Explain health monitors troubleshooting Explain BGP session troubleshooting Describe control plane troubleshooting, clustering, and cloud connector issues Events and Alerts Describe NSX Advanced Load Balancer events Describe and configure NSX Advanced Load Balancer alerts Describe NSX Advanced Load Balancer monitoring capabilities with SNMP, Syslog, and Email Introduction to NSX Advanced Load Balancer Rest API Introduce the NSX Advanced Load Balancer REST API interface Describe REST API Object Schema Explain and interact with REST API interface with