1. Analyzing Campus Network Designs
Enterprise Campus Architecture
- Cisco SONA
- Benefits of the enterprise campus architecture
- Function of the core layer
- Impact of traffic types on the network infrastructure
Cisco Lifecycle Services and Network Implementation
- The PPDIOO lifecycle approach
- PPDIOO implementation planning
Lab 1-1 Debrief
2. Implementing VLANs in Campus Networks
Applying Best Practices for VLAN Topologies
- VLAN segmentation models
- Given an enterprise VLAN network design, information needed to create an implementation plan, choices that need to be made, and the consequences of those choices
- Given an enterprise VLAN network design that contains end-to-end VLANs and trunks, create an implementation and verification plan then successfully execute that plan
- Given an enterprise VLAN network design that contains VTP, create an implementation and verification plan then successfully execute that plan
Configuring Private VLANs (PVLANs)
- PVLANs
- Configure isolated PVLANs
- Configure community PVLANs
- Given an enterprise VLAN network design that contains PVLANs, create an implementation and verification plan then successfully execute that plan
- Configure PVLANs across multiple switches
Configuring Link Aggregation with EtherChannel
- Benefits of EtherChannel
- Compare the PAgP and the LACP
- Given an enterprise VLAN network design that contains Layer 2 EtherChannel links, create an implementation and verification plan then successfully execute that plan
- Given an enterprise VLAN network design that contains load balancing among the ports included in an EtherChannel, create an implementation and verification plan, and then successfully execute that plan
Lab 2-1 Debrief
Lab 2-2 Debrief
Lab 2-3 Debrief
3. Implementing Spanning Tree
Spanning Tree Protocol (STP) Enhancements
- STP standards
- STP operations
- Implement and configure PVRST+
- RSTP port roles
- Verify RSTP configurations
- MSTP
- Implement and configure MSTP
STP Stability Mechanisms
- Protect the operation of STP
- Configure BPDUGuard
- Configure BPDUFilter
- Configure RootGuard
- Configure LoopGuard
- Configure UDLD to detect and shut down unidirectional links
- Optimize STP operations by using the right combination of STP stability features
Lab 3-1 Debrief
Lab 3-2 Debrief
4. Implementing Inter-VLAN Routing
Routing Between VLANs
- Configure and verify inter-VLAN routing in a Layer 2 topology using an external router, a switch SVI, or a switch-routed interface
- Configure both a switch and router to accommodate inter-VLAN packet transfer using an external router
Layer 3 SVI
- Commands that are used to configure an SVI
- A routed port on a multilayer switch
- Commands that are used to configure a routed port on a multilayer switch
- Configure Layer 3 EtherChannel links
- Configure inter-VLAN routing on a multilayer switch
- Configure DHCP services on a Layer 3 switch
Deploying Multilayer Switching with Cisco Express Forwarding
- Configure and verify inter-VLAN routing in a Layer 2 topology using multilayer switching with Cisco Express Forwarding
- Process of multilayer switching and how it differs when you are performing Layer 2 vs. Layer 3 switching
- Packet and frame header rewriting performed by a multilayer switch
- Layer 3 switch processing
- Switching methods available on a Cisco switch
- Configure Cisco Express Forwarding on a Cisco switch
Lab 4-1 Debrief
Lab 4-2 Debrief
5. Implementing a Highly Available Network
High Availability
- Evaluate the uses, requirements, benefits, and performance expectations of high availability in a given enterprise network design
- Resiliency for high availability
- Design the network for optimal redundancy
- Implementing High Availability
Implement high availability at the switch level
- Use Cisco StackWise technology on access switches
- Evaluate the impact of too little redundancy
- Assess the impact of uplink failure
- Implementing Network Monitoring
Implement network monitoring
- Configure IP SLA technology
Lab 5-1 Debrief
6. Implementing Layer 3 High Availability
Configuring Layer 3 Redundancy with HSRP
- Routing issues
- Router redundancy process
- Configure HSRP operations
- Fine-tune HSRP
- Troubleshoot HSRP
Configuring Layer 3 Redundancy with VRRP and GLBP
- VRRP
- VRRP operations process
- Configure VRRP
- GLBP
- GLBP operations process
- Configure GLBP
Lab 6-1 Debrief
Lab 6-2 Debrief
7. Minimizing Service Loss and Data Theft in a Campus Network
Switch Security Issues
- Switch and Layer 2 security as a subset of an overall network security plan
- How a rogue device gains unauthorized access to a network
- Categorize switch attack types and list mitigation options
- How a MAC flooding attack works to overflow a CAM Campus Backbone Layer table
- How port security is used to block input from devices based on Layer 2 restrictions
- Procedure for configuring port security on a switch
- Methods that can be used for authentication using AAA
- Port-based authentication using 802.1X
Protecting Against VLAN Attacks
- How VLAN hopping occurs and why it is a security vulnerability
- Procedure for configuring a switch to mitigate VLAN hopping attacks
- VACLs and their purpose as part of VLAN security
- Procedure for configuring VACLs
- Protecting Against Spoofing Attacks
- DHCP spoofing attacks
- Prevent attacks using DHCP snooping
- Configure DHCP snooping
- ARP poisoning
- Protect against ARP spoofing attacks with DAI
Securing Network Services
- Cisco Discovery Protocol and LLDP vulnerabilities
- Telnet protocol vulnerabilities
- Configure SSH
- Configure vty ACLs
- Configure Cisco IOS secure HTTP server
- Switch security considerations
Lab 7-1 Debrief
8. Accommodating Voice and Video in Campus Networks
Planning for Support of Voice in a Campus Network
- Components of a VoIP network and the components of IP telephony
- Uniform bandwidth consumption of voice traffic vs. the intermittent bandwidth consumption of data traffic
- Compare video bandwidth consumption to voice and data bandwidth consumption based on video application types
- Solution for latency, jitter, bandwidth, packet loss, reliability, and security for voice and video traffic integration into a data network
Integrating and Verifying VoIP in a Campus Infrastructure
- Plan for VoIP requirements
- Voice VLANs
- Configure and Verify Voice VLANs
- Plan PoE requirements and configure PoE
- Provide additional services required by VoIP devices
- Create a Test Plan for VoIP integration
Working with Specialists to Accommodate Voice and Video on Campus Switches
- High availability applied to VoIP or video traffic
- Build an integrated voice/video/data campus network
- The need for QoS for VoIP and video integration
- Configure basic QoS for voice and video VLANs
Lab 8-1 Debrief
9. Integrating Wireless LANs into a Campus Network
Comparing WLANs with Campus Networks
- WLANs
- Compare wired and wireless LAN
- Main wireless LAN topologies
- Settings specific to WLANs, such as SSIDs, and WLAN-to-VLAN mapping
Assessing the Impact of WLANs on Campus Networks
- WLAN implementations
- Compare WLAN solutions
- Assess traffic flow in an autonomous AP configuration and its impact on the campus LAN
- Assess traffic flow in an controller-based configuration and its impact on the campus LAN
Preparing the Campus Infrastructure for WLANs
- Best placement for APs and controllers
- Configure switches for WLAN devices
- Gather WLAN requirements
- Plan WLAN integration
- Create a test plan
Lab 9-1 Debrief