Cisco Software Defined Access and ISE Integration for Policy Deployment and Enforcement (SDAISE)

4.6 out of 5 rating

Jump to dates

Duration

3 Days

18 CPD hours

About this course

The primary audience for this course is as follows:Anyone interested in knowing about SD-AccessPersonnel involved in SD-Access Design and ImplementationNetwork Operations team with SD-Access solution

Overview

Upon completing this course, the learner will be able to meet these overall objectives:Explain the role that ISE plays as part of the solutionConfigure AAA services and TrustSec Policy in ISEExplain ISE Integration with DNA Center for Policy enforcementKnow and understand Cisco's SD-Access concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today's networks.Differentiate and explain each of the building blocks of SD-Access SolutionExplain the concept of Fabric and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Border Nodes)Describe the role of LISP in Control Plane and VXLAN in Data Plane for SD-Access SolutionUnderstand TrustSec concepts, deployment details and the way it is used as part of SD-Access Solution for segmentation and Policy EnforcementUnderstand the role of DNA Center as solution orchestrator and Intelligent GUIBe familiar with workflow approach in DNA Center Design, Policy, Provision and Assurance

Description

Software-Defined Access (SD-Access) is the industry's first intent-based networking solution for the Enterprise built on the principles of Cisco's Digital Network Architecture (DNA). SD-Access provides automated end-to-end segmentation to separate user, device and application traffic without redesigning the network. SD-Access automates user access policy so organizations can make sure the right policies are established for any user or device with any application across the network. This is accomplished with a single network fabric across LAN and WLAN which creates a consistent user experience anywhere without compromising on security.

Cisco ISE Integration for SD Access
  • Introduction to Cisco ISE
  • Using Cisco ISE as a Network Access Policy Engine
  • Introducing Cisco ISE Deployment Models
  • Introducing 802.1x and MAB Access: Wired and Wireless
  • Introducing Identity Management
  • Configuring Certificate Service
  • Introducing Cisco ISE Policy
  • Configuring Cisco ISE Policy Sets
  • Introduction to Cisco TrustSec for segmentation
  • The Concept of Security Group (SG) and Security Group Tag (SGT)
  • Cisco TrustSec Phases
  • Classification
  • Propagation
  • Enforcement
  • Methods for Classification
  • Static Classification
  • Dynamic Classification
  • Methods for SGT tag propagation
  • Inline Tagging
  • SGT Exchange Protocol (SXP)
Introduction to Ciscos Software Defined Access (SD-Access)
  • SD-Access Overview
  • SD-Access Benefits
  • SD-Access Key Concepts
  • SD-Access Main Components
  • Campus Fabric
  • Wired
  • Wireless
  • Nodes
  • Edge
  • Border
  • Control Plane
  • DNA Controller (APIC-EM Controller)
  • Introducing Cisco ISE 2.x px
  • 2-level Hierarchy
  • Macro Level: Virtual Network (VN)
  • Micro Level: Scalable Group (SG)
DNA Center Workflow
  • DNA Center Refresher
  • Creating Enterprise and Sites Hierarchy
  • Configuring General Network Settings
  • Loading maps into the GUI
  • IP Address Management
  • Software Image Management
  • Network Device Profiles
  • Introduction to Analytics
  • NDP Fundamentals
  • Overview of DNA Assurance
SD-Access Campus Fabric
  • The concept of Fabric
  • Node types (Breakdown)
  • LISP as protocol for Control Plane
  • VXLAN as protocol for Data Plane
Campus Fabric External Connectivity for SD-Access
  • Enterprise Sample Topology for SD-Access
  • Role of Border Nodes
  • Types of Border Nodes
  • Border
  • Default Border
  • Single Border vs. Multiple Border Designs
  • Collocated Border and Control Plane Nodes
  • Distributed (separated) Border and Control Plane Nodes
Implementing WLAN in SD-Access Solution
  • WLAN Integration Strategies in SD-Access Fabric
  • Fabric CUWN
  • SD-Access Wireless (Fabric enabled WLC and AP)
  • SD-Access Wireless Architecture
  • Control Plane: LISP and WLC
  • Data Plane: VXLAN
  • Policy Plane and Segmentation: VN and SGT
  • Sample Design for SD-Access Wireless
Additional course details:

Nexus Humans Cisco Software Defined Access and ISE Integration for Policy Deployment and Enforcement (SDAISE) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward.

This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts.

Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.

While we feel this is the best course for the Cisco Software Defined Access and ISE Integration for Policy Deployment and Enforcement (SDAISE) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you.

Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill, become unavailable. To mitigate the risk we include training insurance for each delegate enrolled on our public schedule, they are welcome to sit on the same Public class within 6 months at no charge, if the case arises.

What people say about us


Find out more about this course

Interested in alternative dates? Would like to book a private session of this course for your company? Or for any other queries please simply fill out the form below.