Cisco
Cisco Enterprise
CCNA – Implementing and Administering Cisco Solutions 2.0
Длительность: 5 дней (40 часов)
Код курса: CCNA
Стоимость обучения.
Очный формат: 427 000 ₸
Онлайн формат: 406 000 ₸
Записаться
Course Description:
The Implementing and Administering Cisco Solutions (CCNA) v2.0 course gives you a broad range of fundamental knowledge for all IT
careers. Through a combination of lecture, hands-on labs, and self-study, you will learn how to install, operate, configure, and verify basic IPv4
and IPv6 networks. The course covers configuring network components such as switches, routers, and wireless LAN controllers; managing
network devices; and identifying basic security threats. The course also gives you a foundation in network programmability, automation, and
software-defined networking.
This course helps you prepare to take the 200-301 Cisco Certified Network Associate (CCNA ) exam. By passing this one exam, you earn
the CCNA certification. This course also earns you 30 Continuing Education (CE) credits towards recertification.
This course will help you:
Learn the knowledge and skills to install, configure, and operate a small- to medium-sized network
Gain a foundation in the essentials of networking, security, and automation
Earn 30 CE credits toward recertification
Who Should Enroll
This course is designed for anyone seeking CCNA certification. The course also provides foundational knowledge for all support technicians
involved in the basic installation, operation, and verification of Cisco networks.
The job roles best suited to the material in this course are:
Entry-level network engineer
Network administrator
Network support technician
Help desk technician
What to Expect in the Exam:
The 200-301 CCNA exam certifies your knowledge and skills related to network fundamentals, network access, IP connectivity, IP services,
security fundamentals, and automation and programmability.
After you pass 200-301 CCNA, you earn CCNA certification.
After taking this course, you should be able to:
Identify the components of a computer network and describe their basic characteristics
Understand the model of host-to-host communication
Describe the features and functions of the Cisco Internetwork Operating System (IOS®) software
Describe LANs and the role of switches within LANs
Describe Ethernet as the network access layer of TCP/IP and describe the operation of switches
Install a switch and perform the initial configuration
Describe the TCP/IP Internet layer, IPv4, its addressing scheme, and subnetting
Describe the TCP/IP Transport layer and Application layer
Explore functions of routing
Implement basic configuration on a Cisco router
Explain host-to-host communications across switches and routers
Identify and resolve common switched network issues and common problems associated with IPv4 addressing
Describe IPv6 main features and addresses, and configure and verify basic IPv6 connectivity
Describe the operation, benefits, and limitations of static routing
Describe, implement, and verify virtual local area networks (VLANs) and trunks
Describe the application and configuration of inter-VLAN routing
Explain the basics of dynamic routing protocols and describe components and terms of Open Shortest Path First (OSPF)
Explain how Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) work
Configure link aggregation using EtherChannel
Describe the purpose of Layer 3 redundancy protocols
Describe basic WAN and VPN concepts
Describe the operation of access control lists (ACLs) and their applications in the network
Configure Internet access using Dynamic Host Configuration Protocol (DHCP) clients and explain and configure network address
translation (NAT) on Cisco routers
Describe basic quality of service (QoS) concepts
Describe the concepts of wireless networks, which types of wireless networks can be built, and how to use Wireless LAN Controllers
(WLCs)
Describe network and device architectures and introduce virtualization
Introduce the concept of network programmability and Software-Defined Networking (SDN) and describe smart network management
solutions such as Cisco DNA Center™, Software-Defined Access (SD-Access), and Software-Defined Wide Area Network (SD-WAN)
Configure basic IOS system monitoring tools
Describe the management of Cisco devices
Describe the current security threat landscape
Describe threat defense technologies
Implement a basic security configuration of the device management plane
Implement basic steps to harden network devices
Before taking this course, you should have:
Basic computer literacy
Basic PC operating system navigation skills
Basic Internet usage skills
Basic IP address knowledge
There are no formal prerequisites for CCNA certification, but you should make sure to have a good understanding of the exam topics.
Course Outline:
This class includes lecture sections and some self-study sections. In instructor-led classes,
lectures are delivered in real-time, either in person or via video conferencing.
In e-learning classes, the lectures are on recorded videos.
Section title — Learning mode
Exploring the Functions of Networking — Lecture
Introducing the Host-to-Host Communications Model — Lecture
Operating Cisco IOS Software — Lecture
Introducing LANs — Lecture
Exploring the TCP/IP Link Layer — Lecture
Starting a Switch — Lecture
Introducing the TCP/IP Internet Layer, IPv4 Addressing, and Subnets — Lecture
Explaining the TCP/IP Transport Layer and Application Layer — Lecture
Exploring the Functions of Routing — Lecture
Configuring a Cisco Router — Lecture
Exploring the Packet Delivery Process — Lecture
Troubleshooting a Simple Network — Lecture
Introducing Basic IPv6 — Lecture
Configuring Static Routing — Lecture
Implementing VLANs and Trunks — Lecture
Routing Between VLANs — Lecture
Introducing OSPF — Lecture
Building Redundant Switched Topologies — Self-study
Improving Redundant Switched Topologies with EtherChannel — Lecture
Exploring Layer 3 Redundancy — Self-study
Introducing WAN Technologies — Self-study
Explaining Basics of ACL — Lecture
Enabling Internet Connectivity — Lecture
Introducing QoS — Self-study
Explaining Wireless Fundamentals — Self-study
Introducing Architectures and Virtualization — Self-study
Explaining the Evolution of Intelligent Networks — Lecture
Introducing System Monitoring — Lecture
Managing Cisco Devices — Lecture
Examining the Security Threat Landscape – Self-study
Lab Outline:
Get Started with Cisco Command-Line Interface (CLI)
Observe How a Switch Operates
Perform Basic Switch Configuration
Implement the Initial Switch Configuration
Inspect TCP/IP Applications
Configure an Interface on a Cisco Router
Configure and Verify Layer 2 Discovery Protocols
Implement an Initial Router Configuration
Configure Default Gateway
Explore Packet Forwarding
Troubleshoot Switch Media and Port Issues
Troubleshoot Port Duplex Issues
Configure Basic IPv6 Connectivity
Configure and Verify IPv4 Static Routes
Configure IPv6 Static Routes
Implement IPv4 Static Routing
Implement IPv6 Static Routing
Configure VLANs and Trunk
Troubleshoot VLANs and Trunk
Configure Inter-VLAN Routing
Implement Multiple VLANs and Basic Routing Between the VLANs
Configure and Verify Single-Area OSPF
Configure and Verify EtherChannel
Improve Redundant Switched Topologies with EtherChannel
Configure and Verify IPv4 ACLs
Implement Numbered and Named IPv4 ACLs
Configure a Provider-Assigned IPv4 Address
Configure Static NAT
Configure Dynamic NAT and Port Address Translation (PAT)
Implement PAT
Explore the Cisco DNA™ Center
Configure and Verify NTP
Configure System Message Logging
Create the Cisco IOS Image Backup
Upgrade Cisco IOS Image
Secure Console and Remote Access
Enable and Limit Remote Access Connectivity
Secure Device Administrative Access
Configure and Verify Port Security
Implement Device Hardening
Log into and Monitor the WLC
Configure an Open Wireless Network
Define a RADIUS Server and Enable SNMP and Syslog
Configure a WLAN to Use WPA2 PSK
ENCOR - Implementing and Operating Cisco Enterprise Network Core Technologies
Длительность: 5 дней (40 часов)
Код курса: ENCOR
Стоимость обучения.
Очный формат: 584 000 ₸
Онлайн формат: 555 000 ₸
Записаться
Кому следует посетить:
Сетевым администраторам
Специалистам технической поддержки сети
Специалистам технической поддержки пользователей
Техническим специалистам, заинтересованным в получении статусов Cisco CCNP Enterprise и CCIE Enterprise
Этот курс является частью следующих программ сертификаций:
Cisco Certified Network Professional Enterprise (CCNP)
Предварительные требования:
Опыт построения корпоративных локальных сетей
Базовые знания о маршрутизации в корпоративной сети и принципах построения беспроводной локальной вычислительной сети, базовые знания в области использования скриптов Python
После прохождения обучения слушатели будут уметь:
Понимать подходы Cisco к сетевому проектированию, описывать иерархическую трехуровневую модель дизайна сети
Сравнивать и анализировать различные механизмы аппаратного и программного уровней, включая TCAM, CAM, процессы коммутации, fast switching, Cisco Express Forwarding
Устранять неполадки в работе технологий VLAN и trunking канального уровня
Оптимизировать работу протокола spanning tree protocol
Устранять неполадки в работе технологии Etherchannel, которая используется для агрегации каналов
Описывать особенности протокола EIGRP, включая процесс расчета метрик и выбора наилучших маршрутов
Внедрять и оптимизировать работу протоколов OSPFv2 и OSPFv3
Внедрять маршрутизацию по протоколу EBGP
Использовать протоколы HSRP и VRRP для построения отказоустойчивой топологии
Внедрять статическую и динамическую трансляцию сетевых адресов
Описывать технологии виртуализации серверов, коммутаторов, сетевых устройств и других сетевых компонентов
Использовать технологии VRF, GRE, VPN и LISP
Понимать компоненты БЛВС и концепции построения беспроводных сетей, включая принципы использования радиочастотного спектра,характеристики антенн, стандарты и нормы
Понимать различия между различными типами дизайна БЛВС: автономные точки доступа, облачные решения, централизованная архитектура с использование Cisco WLC
Описывать процесс роуминга
Понимать процесс взаимодействия точек доступа с централизованным контролером БЛВС
Настраивать аутентификацию с использованием EAP, WebAuth, PSK на WLC
Устранять неполадки в подключении беспроводных клиентов
Использовать протоколы и механизмы NTP, SNMP, Cisco IOS IP SLA, NetFlow, Cisco Embedded Event Manager
Знать различные механизмы поиска и устранения неполадок
Использовать RBAC, ACL и SSH для обеспечения безопасного доступа
Понимать преимущества модели ААА
Настраивать основные механизмы безопасности в сети, следуя рекомендациям вендора (VPNб logging, endpoint security, personal firewall)
Понимать функции и особенности Cisco DNA Center Assurance для мониторинг и обеспечения видимости в сети
Описывать компоненты и функции Cisco SD-WAN
Разбираться в работе протоколов IGMP v2/v3, PIM в режимах dense/sparse, в функциях rendevous points
Описывать функции QoS
Объяснять базовые компоненты скриптов Python
Описывать протоколы NETCONF, RESTCONF, которые используются для построения программно-определяемых сетей
Описывать API в Cisco DNA Center и vManage
Краткое содержание курса:
Курс посвящен ключевым сетевым технологиям, которые используются для построения корпоративной проводной и беспроводной сети. Слушатели курса научатся настраивать сетевые устройства, искать и устранять неполадки в их работе, внедрять механизмы безопасности, использоваться решения SD-Access и SD-WAN. Курс, также, охватывает функции автоматизации и программируемости современных сетей. Курс входит в новые сертификации Cisco CCNP Enterprise и CCIE Enterprise.
Программа курса:
Введение в курс
Исследование архитектуры корпоративной сети Cisco
Модель архитектуры
Фундаментальные основы дизайна
Традиционная многоуровневая модель
Уровень распределения
Анализ процессов коммутации
Принципы работы коммутаторов канального уровня
Плоскость контроля и плоскость управления
Механизмы коммутации Cisco
Технологии, которые используются в локальных вычислительных сетях
VLAN
Транк-линки, стандарт 802.1Q
Маршрутизация между VLAN
Исследование протокола STP
Обзор STP
Анализ работы протокола
Типы и функции протокола STP
MSTP
Механизмы PortFast и BPDU Guard
Агрегация портов
Зачем нужна агрегация портов
EtherChannel
Процесс настройки EtherChannel
Балансировка нагрузка в EtherChannel
Поиск и устранение неполадок в работе EtherChannel
EIGRP
Основные функции
Анализ надежности
Установление отношений соседства
Метрики маршрутов
Выбор пути
Балансировка нагрузки
EIGRP для IPv6
Сравнение EIGRP и OSPF
OSPF
Описание протокола
Установление отношений соседства
Построение Link-State Database
Типа LSA
Использование различных областей OSPF
Структура области
Типы сетей OSPF
Оптимизация работы OSPF
OSPF Cost
Суммирование маршрутов
Фильтрация маршрутов
Сравнение версий протокола
Исследование EBGP
Маршрутизация между доменами
Типы отношений соседства
Выбор пути
Атрибуты пути
Внедрение протоколов отказоустойчивости шлюза
Зачем это нужно
Семейство протоколов FHRP
HSRP
Внедрение NAT
Трансляция сетевых адресов
Типы NAT
NVI
Внедрение NAT
Введение в протоколы виртуализации
Серверная виртуализация
Необходимость в механизмах виртуализации
Path Isolation
Введение в VRF
GRE
VPN
Site-to-Site VPN
Обзор IPsec
IKE
Режимы работы IPsec
Типы IPsec VPN
Cisco IOS VTI
Исследование принципов построения БЛВС
Принципы работы с радиочастотным спектром
Математические функции
Характеристики антенн
Стандарты IEEE
Дизайн беспроводных вычислительных сетей
Обзор вариантов дизайна БЛВС
Использование автономных точек доступа
Централизованная архитектура с Cisco WLC
Архитектура FlexConnect
Облачная архитектура
Контроллеры Cisco Catalyst 9800
Cisco Mobility Express
Функции роуминга и сервисы местоположения
Обзор роуминга
Мобильные группы и домены
Типы роуминга
Сервисы на основе местоположения
Принципы работы точек доступа
Универсальные точки доступа
Процесс поиска контроллера
AP Failover
High Availability
Режимы работы AP
Процесс аутентификации беспроводных клиентов
Методы аутентификации
PSK
Пользовательская аутентификация с использованием 802.1X
PKI и аутентификация по сертификатам
EAP
EAP-TLS
PEAP
EAP-FAST
Гостевой доступ и веб-аутентификация
Поиск и устранение неполадок в подключении беспроводных клиентов
Механизмы для поиска неисправностей
Анализ спектра
Сканирование каналов Wi-Fi
Пакетный анализ
Механизмы графического интерфейса и команды CLI в AirOS
Cisco Wireless Config Analyzer Express
Распространенные проблемы подключения клиентов
Настройки WLAN
Настройки инфраструктуры
Введение в протоколы групповой рассылки (самостоятельное изучение)
Обзор технологий multicast
IGMP
Multicast Distribution Trees
Маршуртизация
Rendezvous Points
Введение в QoS (самостоятельное изучение)
Влияние приложений на сеть
Зачем нужен QoS
Обзор механизмов
Политика QoS
Использование сетевых сервисов
NTP
Syslog
SNMP
NetFlow
Flexible NetFlow
Cisco IOS Embedded Event Manager
Инструменты для сетевого анализа
Основы процесса поиска и устранения неполадок
Распространенные сценарии
Диагностика аппаратного уровня
Фильтрация выводов команд
Cisco IOS IP SLA
SPAN
RSPAN
ERSPAN
Cisco Packet Capture
Внедрение механизмов инфраструктурной безопасности
ACL
Control Plane Policing
Контроль доступа
AAA Framework
Преимущества использования ААА
Опции аутентификации
RADIUS и TACACS+
Настройки авторизации и учета
Исследование архитектуры безопасности корпоративной сети (самостоятельное изучение)
Современные угрозы
IPS
VPN
Content Security
Logging
Endpoint Security
МСЭ
Антивирусы
Централизованное управление политиками безопасности
Cisco AMP
TrustSec
MACsec
802.1Х для аутентификации проводных и беспроводных клиентов
MAC Authentication Bypass
Веб-аутентификация
Использование Cisco DNA Center для автоматизации (самостоятельное изучение)
Цифровая трансформация
Архитектура Cisco Digital Network
Cisco DNA Center
Cisco DNA Assurance
Workflow
Исследование решения Cisco SD-Access (самостоятельное изучение)
Зачем использовать SD-Access
Обзор
Cisco SD-Access Fabric Control Plane
Cisco SD-Access Fabric Policy Plane
Компоненты фабрики
Роли Ciso ISE и Cisco DNA Center в SD-Access
Интеграция с беспроводной инфраструктурой
Обзор решения Cisco SD-WAN (самостоятельное изучение)
Зачем нужен SD-WAN
Компоненты
Orchestration Plane
Management Plane
Control Plane
Data Plane
Автоматизация и аналитика
Основы программирования на Python (самостоятельное изучение)
Концепции
Строковые типы данных
Численные типы данных
Двоичные типы данных
Написание и выполнение скриптов
Анализ кода
Протоколы для программных сетей (самостоятельное изучение)
История развития
Форматы кодирования данных
Модели данных
Modern Driven Programmability Stack
YANG
REST
NETCONF
RESRCONF
Обзор Cisco IOS XE и IOS XR
Введение в API Cisco DNA Center и vManage (самостоятельное изучение)
API
Коды ответов и результатов в REST API
Безопасность в REST API
API в DNA Cente
REST API в vManage
ENARSI - Implementing Cisco Enterprise Advanced Routing and Services v1.0
Длительность: 5 дней (40 часов)
Код курса: ENARSI
Стоимость обучения.
Очный формат: 584 000 ₸
Онлайн формат: 555 000 ₸
Записаться
Course Overview
The Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) v1.0 gives you the knowledge you need to install, configure, operate, and troubleshoot an enterprise network. This course covers advanced routing and infrastructure technologies, expanding on the topics covered in the Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) v1.0 course.
This course helps prepare you to take the exam, Implementing Cisco Enterprise Advanced Routing and Services (300-410 ENARSI), which leads to the new CCNP® Enterprise and Cisco Certified Specialist – Enterprise Advanced Infrastructure Implementation certifications.
Who should attend
Enterprise network engineers
System engineers
System administrators
Network administrators
Certifications
This course is part of the following Certifications:
Cisco Certified Network Professional Enterprise
Prerequisites
Before taking this course, you should have:
General understanding of network fundamentals
Basic knowledge of how to implement LANs
General understanding of how to manage network devices
General understanding of how to secure network devices
Basic knowledge of network automation
These Cisco courses are recommended to help you meet these prerequisites:
Implementing and Administering Cisco Solutions (CCNA)
Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)
Lab Topology
Configure EIGRP Using Classic Mode and Named Mode for IPv4 and IPv6
Verify the EIGRP Topology Table
Configure EIGRP Stub Routing, Summarization, and Default Routing
Configure EIGRP Load Balancing and Authentication
LAB: Troubleshoot EIGRP Issues
Configure OSPFv3 for IPv4 and IPv6
Verify the Link-State Database
Configure OSPF Stub Areas and Summarization
Configure OSPF Authentication
Troubleshoot OSPF
Implement Routing Protocol Redistribution
Manipulate Redistribution
Manipulate Redistribution Using Route Maps
Troubleshoot Redistribution Issues
Implement PBR
Configure IBGP and EBGP
Implement BGP Path Selection
Configure BGP Advanced Features
Configure BGP Route Reflectors
Configure MP-BGP for IPv4 and IPv6
Troubleshoot BGP Issues
Implement PBR
Configure Routing with VRF-Lite
Implement Cisco IOS DMVPN
Obtain IPv6 Addresses Dynamically
Troubleshoot DHCPv4 and DHCPv6 Issues
Troubleshoot IPv4 and IPv6 ACL Issues
Configure and Verify Control Plane Policing
Configure and Verify uRPF
Troubleshoot Network Management Protocol Issues: Lab 1
Troubleshoot Network Management Protocol Issues: Lab 2
ENSLD - Designing Cisco Enterprise Networks
Длительность: 5 дней (40 часов)
Код курса: ENSLD
Стоимость обучения.
Очный формат: 730 000 ₸
Онлайн формат: 693 000 ₸
Записаться
Кому следует посетить:
Сетевым инженерам
Системным администраторам
Сетевым архитекторам
Сертификации:
Этот курс является частью следующих программ сертификаций: Certified Network Professional Enterprise
Предварительные требования:
Для прохождения данного курса слушатели должны иметь сертификат CCNA® или обладать опытом и понимать следующие темы:
Фундаментальные основы построения сетей, построение простых локальных сетей
IP-адресация
Основы коммутации и маршрутизации
Базовые принципы построения беспроводных вычислительных локальных сетей (БЛВС)
В процессе прохождения данного курса слушатели научатся:
Проектировать топологию маршрутизации по протоколу Enhanced Interior Gateway Routing Protocol (EIGRP) для корпоративной сети
Проектировать топологию маршрутизации по протоколу Open Shortest Path First (OSPF) для корпоративной сети
Проектировать топологию маршрутизации по протоколу Intermediate System to Intermediate System (IS-IS) для корпоративной сети
Проектировать сеть на основе требования заказчика
Проектировать топологию маршрутизации по протоколу Border Gateway Protocol (BGP) для корпоративной сети
Описывать типы и варианты использования адресных семейств Multiprotocol BGP (MP-BGP)
Описывать распределение нагрузки BGP
Проектировать BGP-маршрутизацию на основе требований заказчика
Решать, где будет проходить граница L2/L3 в офисной сети
Описывать требования к L2-дизайну офисной сети
Проектировать локальную сеть на основе требований заказчика
Описывать особенности проектирования сети на сетевом уровне
Понимать концепции Cisco SD-Access
Описывать дизайн Cisco SD-Access Fabric
Разрабатывать Software-Defined Access (SD-Access) на основе требований заказчика
Проектировать архитектуру VPN в провайдерских сетях
Проектировать архитектуру VPN в корпоративных сетях
Проектировать отказоустойчивую сеть WAN, в том числе, на основе требований заказчика
Понимать архитектуру Cisco SD-WAN
Строить отказоустойчивую архитектуру Cisco SD-WAN
Объяснять базовые принципы QoS
Проектировать Quality of Service (QoS) для WAN
Понимать принципы работы многоадресной рассылки
Применять различные варианты использования rendezvous point
Оптимизировать планы IP-адресации в инфраструктуре
Составлять план адресации IPv6
Планировать развертывание IPv6 в существующей корпоративной сети IPv4
Понимать потенциальные проблемы, с которыми можно столкнуться при внедрении IPv6
Проектировать план адресации IPv6 на основе требований заказчика
Описывать сетевые API и протоколы
Описывать Yet Another Next Generation (YANG), Network Configuration Protocol (NETCONF), и Representational State Transfer Configuration Protocol (RESTCONF)
Содержание курса:
Курс Designing Cisco Enterprise Networks (ENSLD) v1.0 дает слушателям знания и навыки, необходимые для проектирования и оптимизации существующего дизайна корпоративной сети. Курс охватывает углубленные темы по разработке сетевого дизайна и является логическим продолжением курса Внедрение ключевых технологий корпоративных сетей Cisco (ENCOR). Этот курс также поможет подготовиться к сдаче экзамена Designing Cisco Enterprise Networks v1.0 (ENSLD 300-420), который является частью сертификаций CCNP® Enterprise и Cisco Certified Specialist – Enterprise Design.
Программа курса:
Проектирование маршрутизации EIGRP
Проектирование маршрутизации OSPF
Проектирование маршрутизации IS-IS
Проектирование маршрутизации BGP
Понимание адресных семейств BGP
Проектирование локальных сетей
Анализ механизмов Layer 2
Анализ механизмов Layer 3
Знакомство с архитектурой Cisco SD-Access
Изучение структуры Cisco SD-Access Fabric
Разработка архитектуры VPN, управляемых провайдером
Разработка архитектуры корпоративных VPN
Проектирование WAN Resiliency
Изучение архитектуры Cisco SD-WAN
Особенности проектирования развертывания Cisco SD-WAN
Проектирование маршрутизации и высокой доступности Cisco SD-WAN
Основы QoS
Проектирование LAN и WAN QoS
Изучение многоадресной передачи в режиме Protocol-Independent Multicast-Sparse Mode
Разработка решений с использованием Rendezvous Point
Разработка плана адресации IPv4
Изучение IPv6
Внедрение IPv6
Сетевые API и протоколы
Исследование работы YANG, NETCONF, RESTCONF, и Model-Driven Telemetry
ENWLSD - Designing Cisco Enterprise Wireless Networks
Длительность: 5 дней (40 часов)
Код курса: ENWLSD
Стоимость обучения.
Очный формат: 836 000 ₸
Онлайн формат: 795 000 ₸
Записаться
Длительность обучения:
Instructor-led training: 5 days in the classroom with hands-on lab practice
Virtual instructor-led training: 5 days of web-based classes with hands-on lab practice
E-learning: Equivalent of 5 days instruction with video and hands-on lab practice
Кому следует посетить:
his course is for wireless engineers who work in the following roles:
Consulting systems engineer
Network administrator
Network engineer
Network manager
Sales engineer
Systems engineer
Technical solutions architect
Wireless design engineer
Wireless engineer
Предварительные требования:
Before taking this course, you should have:
General knowledge of networks
General knowledge of wireless networks
Routing and switching knowledge
Either of the following combinations of Cisco courses can help you meet these prerequisites:
Implementing Cisco Wireless Network Fundamentals (WIFUND) and Interconnecting Cisco Networking Devices, Part 1 (ICND1)
Coming soon: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) and Understanding Cisco Wireless Foundations (WLFNDU)
Программа курса:
After taking this course, you should be able to:
Describe and implement a Cisco-recommended structured design methodology
Describe and implement industry standards, amendments, certifications, and Requests For Comments (RFCs)
Describe and implement Cisco enhanced wireless features
Describe and implement the wireless design process
Describe and implement specific vertical designs
Describe and implement site survey processes
Describe and implement network validation processes
Дополнительно:
This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos
ENWLSI - Implementing Cisco Enterprise Wireless Networks
Длительность: 5 дней (40 часов)
Код курса: ENWLSI
Стоимость обучения.
Очный формат: 946 000 ₸
Онлайн формат: 898 000 ₸
Записаться
Курс позволяет слушателям получить знания и навыки, которые необходимы для защиты беспроводной инфраструктуры, для быстрого поиска и устранения неполадок в настройках механизмов безопасности. Слушатели узнают, как внедрить в сеть и использовать Cisco Identity Service Engine (ISE), Cisco Prime Infrastructure (PI), Cisco Connect Mobile Experience для мониторинга, управления и обеспечения видимости в сети.
В лабораторных работах слушатели будут работать с такими платформами как:
Cisco Prime Infrastructure Release 3.5
Cisco Catalyst 9800 Wireless Controller Release IOS XE Gibraltar 16.10
Cisco Digital Network Architecture (DNA) Center Release 1.2.8
Cisco CMX Release 10.5
Cisco MSE Release 8.0 features
Cisco Identity Services Engine (ISE) Release 2.4.
Материал курса готовит к экзамену Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI), после прохождения которого Вы получите статус Cisco Certified Specialist – Enterprise Wireless Implementation.
Для кого предназначен курс:
Для сетевых инженеров, работающих с БЛВС
Для инженеров участвующих в продажах.
Предварительные требования:
Implementing and Operating Cisco Enterprise Network Core Technologies – ENCOR
Understanding Cisco Wireless Foundations – WLFNDU
Или следующие знания:
Базовые знания о работе сетей
Базовые знания о работе беспроводных сетей
Знания маршрутизации и коммутации
После прохождения обучения слушатели будут уметь:
Применять настройки для обеспечения безопасности беспроводной инфраструктуры
Искать и устранять неполадки и проблемы, связанные с настройками безопасности беспроводной сети
Внедрять безопасное подключение беспроводных клиентов
Внедрять QoS в беспроводных сетях, уметь быстро устранять неполадки
Внедрять дополнительные расширенные сервисы в беспроводный сети
Курс поможет:
Внедрить механизмы безопасности для защиты беспроводной инфраструктуры
Использовать платформы Cisco Identity Service Engine (ISE), Cisco Prime Infrastructure (PI) и Cisco Connect Mobile Experience для мониторинга и устранения неполадок в сети
Проверить знания перед сдачей нового экзамена Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI)
Программа курса
Введение в курс
Цели
Содержание
Обзор сертификации
Безопасность инфраструктуры и механизмы устранения неполадок в работе устройств
Безопасный доступ
Внедрение 802.1X аутентификации
Использование DNA Center для установки контроллера и подключения точек доступа
Внедрение Cisco Prime Infrastructure
Методы поиска и устранения неполадок в работе инфраструктуры
Устранение проблем в подключении точек доступа к контроллеру
Мониторинг беспроводной сети
Настройка подключений беспроводных клиентов, устранение неполадок при подключении
Исследование различных типов аутентификации
Настройка беспроводных клиентов для 802.1X аутентификации
Работа с архитектурой FlexConnect
Внедрение гостевых сервисов
Централизованная веб-аутентификация с использованием контроллера БЛВС
BYOD
Гостевые сервисы с учетом местоположения клиента
Устранение неполадок в подключении клиентов
Распространенные сценарии проблем подключения, рекомендации
Мониторинг подключения беспроводных клиентов
Внедрение механизмов QoS в беспроводных сетях
Внедрение QoS
Настройка WLC для поддержки голосового трафика
Внедрение Cisco AVC
Внедрение multicst-сервисов
mDNS
Cisco Media Stream
Устранение неполадок при настроенной системе QoS
Распространенные сценарии неполадок, рекомендации
Внедрение расширенных сервисов в беспроводной сети, устранение неполадок в их работе
Внедрение сервисов с учетом местоположения
Гиперлокация
Cisco CMX
Аналитика в Cisco CMX
Отслеживание вредоносных устройств в сети
Детектирование беспроводных клиентов с помощью Cisco CMX и DNA Center
Устранение неполадок в работе сервисов с учетом местоположения клиента
Рекомендации по мониторингу и аналитике
WLFNDU - Understanding Cisco Wireless Foundations
Длительность: 5 дней (40 часов)
Код курса: WLFNDU
Стоимость обучения.
Очный формат: 837 000 ₸
Онлайн формат: 795 000 ₸
Записаться
Обзор Курса:
Курс дает техническим специалистам основные знания и навыки для планирования, внедрения, обслуживания и управления беспроводными сетями, построенными на базе оборудования и технологий Cisco®. Слушатели научатся строить дизайн беспроводных локальных вычислительных сетей, устанавливать и настраивать соответствующее оборудование, мониторить работу корпоративной беспроводной сети, быстро находить и устранять неполадки в подключении клиентов.
Данный курс не соответствует какому-либо сертификационному экзамену напрямую, но может помочь в подготовке к сдаче следующих экзаменов:
300-425 Designing Cisco Enterprise Wireless Networks (ENWLSD)
300-430 Implementing Cisco Enterprise Wireless Networks (ENWLSI)
Курс предназначен для:
Сетевых инженеров, менеджеров и администраторов
Системных инженеров
Инженеров беспроводных сетей
Архитекторов технических решений
Предварительные требования:
Базовые знания о работе сетей
Базовые знания по технологиям беспроводного доступа
Знания маршрутизации и коммутации
После прохождения обучения слушатели будут уметь:
Разбираться в теории беспроводной передачи данных
Понимать принципы обеспечения безопасности в беспроводных сетях
Объяснять, как развернуть беспроводную архитектуру, учитывая рекомендации Cisco
Настраивать централизованную беспроводную сеть
Обслуживать беспроводную инфраструктуру, устранять неполадки в настройках WLAN
Программа курса:
Введение в беспроводные технологии и характеристики радиосигнала
Разбор радиочастотной математики и характеристики антенн
Описание доступа в беспроводной среде
Безопасность и доступ клиентов к радиосреде
Использование стандарта 802.1X и протокола Extensible Authentication Protocol (EAP)
Внедрение гостевого доступа
Изучение архитектур беспроводных локальных сетей Cisco
Принципы построения БЛВС
Описание и внедрение проводной инфраструктуры для поддержки Cisco БЛВС
Централизованная архитектура БЛВС
Обслуживание БЛВС, устранение неполадок
Лаболаторные работы:
Изучение физических основ передачи радиосигнала
Анализ радиочастотного спектра
Изучение кадров, передающихся через радиосреду
Настройка параметров подключения клиента
Настройка проводной инфраструктуры
Настройка централизованной архитектуры, базовые настройки Cisco Wireless LAN Controller (WLC)
Базовые настройки WLAN в централизованной архитектуре
Использование IPv6 в централизованной архитектуре
Оптимизация радиочастотных характеристик
Обслуживание контроллера
Использование инструментов поиска и устранения неполадок
WDAWL - Deploying Advanced Cisco Wireless LANs
Длительность: 2 дня (16 часов)
Код курса: WDAWL
Стоимость обучения.
Очный формат: 621 000 ₸
Онлайн формат: 590 000 ₸
Записаться
Кому следует посетить:
Данный курс будет полезен:
Сетевым администраторам
Сотрудникам системных интеграторов
Соискателям статуса CCNA Wireless
Предварительные требования:
Прохождение курса Defining Cisco Wireless LAN Essentials (online eLearning) или эквивалентный опыт
Базовые навыки работы с сетью
RF/Wireless опыт приветствуется
Программа курса:
Глава 1 – Мобильность клиента между подсетями
1.1.Рассмотрение роуминга в пределах одной подсети
1.2.Рассмотрение роуминга между подсетями
1.3.Выявление проблем в сложном роуминге
Глава 2 – Эффективность сети
2.1.Настройка QoS
2.2.Внедрение видео поверх Wi-Fi
2.3.Внедрение технологии VideoStream во FlexConnect решении
2.4.Интеграция контроллера беспроводной сети с MS Lync SDN
Глава 3 – Проблематика высокоплотных беспроводных сетей
3.1.Объяснение влияния плотности клиентов на беспроводные сети
3.2.Планирование зон с высокой плотностью клиентов
Глава 4 – Знакомство с Mesh сетями
4.1.Описание беспроводных Mesh сетей
4.2.Внедерение беспроводных Mesh сетей
Глава 5 – Беспроводные гостевые сети
5.1.Предоставление продвинутых вариантов гостевого доступа
5.2.Внедрение локальных политик и профилирования клиентов
5.3.Внедрение Cisco CMX Visitor Connect
Глава 6 – Отказоустойчивость в беспроводных сетях Cisco
6.1.Описание отказоустойчивости в беспроводных сетях
6.2.Улучшение отказоустойчивости беспроводных сетей
Глава 7 – Внедрение поддержки IPv6
7.2.Настройка клиентов под IPv6
7.3.Настройка инфраструктуры под IPv6
WDBWL - Cisco Deploying Basic Wireless LANs
Длительность: 3 дня (24 часа)
Код курса: WDBWL
Стоимость обучения.
Очный формат: 829 000 ₸
Онлайн формат: 787 000 ₸
Записаться
Кому следует посетить:
Данный курс будет полезен:
Сетевым администраторам
Сотрудникам системных интеграторов
Соискателям статуса CCNA Wireless
Предварительные требования:
Прохождение курса Defining Cisco Wireless LAN Essentials (online eLearning) или эквивалентный опыт
Базовые навыки работы с сетью
RF/Wireless опыт приветствуется
Программа курса:
Глава 1 – Унифицированные решения
1.1.Выполнение базовой настройки беспроводного контроллера
1.2.Описание режимов работы унифицированных точек доступа
1.3.Описание процесса ассоциации точки доступа
1.4.Системные пользовательские интерфейсы
1.5.RRM и CleanAir
1.6.Администрирование беспроводных локальных сетей и групп точек доступа
1.7.Настройка мобильных групп и роуминга
1.8.Настройка опций безопасности
1.9.Выполнение основного администрирования
1.10.Настройка гостевого доступа
Глава 2 – Развертывание архитектуры FlexConnect
2.1.Варианты развертывания FlexConnect
2.2.Настройка и работы FlexConnect
2.3.Улучшения FlexConnect в версии 8.1
Глава 3 – Обслуживание локальных беспроводных сетей Cisco
3.1.Выполнение текущего обслуживания
3.2.Настройка политик и управления
3.3.Сбор данных
3.4.Поиск и устранение неисправностей в унифицированных беспроводных сетях Cisco
Глава 4 – Функции, упрощающие использование беспроводных локальных сетей Cisco
4.1.Функции, упрощающие использование беспроводных локальных сетей Cisco
QOS - Implementing Cisco Quality of Service V2.5
Длительность: 5 дней (40 часов)
Код курса: QOS
Стоимость обучения.
Очный формат: 819 000 ₸
Онлайн формат: 778 000 ₸
Записаться
Кому следует посетить:
Инженерам сопровождения и технической поддержки.
Специалистам технических и инженерных служб
Системным администраторам
Сертификации:
Этот курс является частью следующих программ сертификаций: Cisco Certified Design Expert (CCDE)
Предварительные требования:
Внедрение и администрирование сетевых решений Cisco – CCNA или эквивалентный опыт
Цели курса:
Курс Implementing Cisco® Quality of Service (QOS) предоставляет слушателям глубокие знания требований IP QoS, архитектур Дифференцированных Услуг(DiffServ), Интегрированных услуг(IntServ) и негарантированного обслуживания а также реализацию QoS на коммутаторах и маршрутизаторах Cisco®.
Курс включает в себя теоретические предпосылки QoS, вопросы проектирования и настройки различных механизмов QoS для облегчения эффективного внедрения политик QoS. Лабораторные работы помогут слушателям отработать внедрение сценариев применения QoS на реальных схемах.
Также в курсе слушатель познакомится с правилами разработки и использования тонких особенностей QoS, методами обеспечения сквозного QoS на втором и третьем уровне модели OSI, позволяя таким образом реализовывать эффективные, производительные стабильные мультисервисные сети.
Приобретаемые практические знания:
Объяснять необходимость и методы реализации и управления QoS в мультисервисных сетях
Описывать различные модели обеспечения QoS и объяснять ключевые механизмы IP QoS реализующие эти модели
Объяснять использование MQC и AutoQoS для реализации QoS в сетях
По заданной политике QoS классифицировать и маркировать трафик для обеспечения политики
Реализовывать механизмы очередей для управления трафиком в перегруженных сетях
Использовать механизмы предотвращения перегрузки
Использовать механизмы нормирования уровня трафика, поступающего в QoS домен
Содержание курса:
Модуль 1. Введение в IP QoS
Модуль 2. Составные части IP QoS
Модуль 3. Введение в Modular QoS CLI и Auto-QoS
Модуль 4. Классификация и маркирование
Модуль 5. Управление перегрузками
Модуль 6. Предотвращение перегрузок
Модуль 7. Формирование и управление интенсивностью трафика
Модуль 8. Механизмы повышения производительности канала
Модуль 9. Рекомендации эффективного использования QoS
Программа курса:
Модуль 1. Введение в QoS
Обзор конвергентных сетей
Обзор QoS
Описание моделей Best Effort и Integrated Services
Описание модели Differentiated Services
Модуль 2. Реализация и мониторинг QoS
Введение в MQC
Мониторинг QoS
Описание Campus AutoQos
Описание WAN AutoQos
Модуль 3. Классификация и маркировка
Описание классификации и маркировки
Использование MQC для классификации и маркировки
Использование NBAR для классификации
Использование преклассификации QoS
Классификация и маркировка в кампусных сетях
Модуль 4. Управление перегрузками
Представление об очередях
Конфигурирование WFQ
Конфигурирование CBWFQ и LLQ
Управление перегрузками в кампусных сетях
Модуль 5. Предотвращение перегрузок
Представление о предотвращении перегрузок
Конфигурирование CBWRED
Конфигурирование ECN
Описание предотвращения перегрузок в кампусных сетях
Модуль 6. Управление интенсивностью трафика
Обзор policing и shaping
Конфигурирование Class-Based Policing
Policing в кампусных сетях
Конфигурирование Class-Based Shaping
Конфигурирование Class-Based Shaping на интерфейсах FR
Адаптация интенсивности для фрагментированного голосового трафика FR
Модуль 7. Механизмы повышения производительности канала. Обзор механизмов повышения производительности канала
Конфигурирование сжатия заголовков
Конфигурирование фрагментации и чередования
Модуль 8. Реализация сквозного QoS
Практики применения QoS политик
Реализации сквозного QoS
SDWFND - Cisco SD-WAN Operation and Deployment v1.0
Длительность: 2 дня (16 часов)
Код курса: SDWFND
Стоимость обучения.
Очный формат: 667 000 ₸
Онлайн формат: 634 000 ₸
Записаться
Описание курса:
Cisco SD WAN Operation and Deployment (SDWFND) v1.0 – это двухдневный практический курс под руководством инструктора, посвященный операциям Cisco SD-WAN и функциям развертывания. Cisco SD-WAN – это новая технология, это обучение охватывает основные функции, такие как автоматическое выделение ресурсов, безопасное подключение к сети, настройка с использованием шаблонов функций, настройка протокола управления наложением (OMP) и политики для управления сетевым трафиком.
Кому следует записаться:
Установщики корпоративных сетевых систем
Системные интеграторы
Системные администраторы
Сетевые администраторы
Разработчики решений
Цели курса:
По завершении этого курса вы сможете:
Определите различные компоненты и архитектуру решения Cisco SD-WAN.
Разверните маршрутизаторы vEdge в защищенной расширяемой сети.
Создавайте шаблоны для помощи в развертывании и эксплуатации защищенной расширяемой сети.
Настройте и проверьте наложенную маршрутизацию в защищенной расширяемой сети.
Создавайте простые политики для управления потоком трафика в защищенной расширяемой сети.
Предварительные требования к курсу:
Перед посещением этого курса рекомендуется, но не обязательно, обладать следующими навыками и знаниями:
Хорошее понимание дизайна глобальной корпоративной сети.
Хорошее понимание работы протокола маршрутизации, включая работу как внутреннего, так и внешнего протокола маршрутизации.
Знакомство с безопасностью транспортного уровня (TLS) и безопасностью IP (IPSec)
Программа курса:
Урок 1: Обзор решения SD-WAN
Урок 2: Компоненты SD-WAN
Урок 3: Управление компонентами SD-WAN
Модуль 2: Безопасное развертывание расширяемой сети.
Урок 1: Безопасная работа плоскости управления
Урок 2: Безопасное развертывание плоскости управления
Урок 3: Работа в плоскости защищенных данных
Урок 4: Развертывание в облаке и избыточность
Модуль 3: Развертывание шаблона SD-WAN.
Урок 1: Обзор шаблонов
Урок 2: шаблоны функций
Урок 3: Шаблоны устройств
Урок 4: Присоединение устройств к шаблонам
Модуль 4: Оверлейная маршрутизация SD-WAN.
Урок 1: Обзор маршрутизации наложения
Урок 2: Объявления маршрута OMP
Урок 3: Перераспределение маршрутов OMP и сегментация сети
Урок 4: Настройка и проверка маршрутизации наложения
Модуль 5: Политики SD-WAN и QoS.
Урок 1: Обзор политики и основы
Урок 2: Использование и построение политики vSmart
Урок 3: Обзор пересылки и QoS
Урок 4: Настройка и мониторинг пересылки QoS
План лаборатории
Лабораторная работа 1. Управление и мониторинг компонентов SD-WAN.
Лабораторная работа 2: Развертывание и проверка vEdge-маршрутизаторов SD-WAN.
Лабораторная работа 3. Развертывание шаблонов SD-WAN.
Лабораторная работа 4: Оверлейная маршрутизация SD-WAN.
Лабораторная работа 5: Политики SD-WAN.
ENSDWI - Implementing Cisco SD-WAN Solutions v2.0
Длительность: 5 дней (40 часов)
Код курса: ENSDWI
Стоимость обучения.
Очный формат: 991 000 ₸
Онлайн формат: 942 000 ₸
Записаться
Описание курса:
Курс «Внедрение решений Cisco SD-WAN Solutions (ENSDWI) v2.0 дает вам обучение тому, как проектировать, развертывать, настраивать и управлять вашим программно-определяемым WAN (SD-WAN) Cisco® в крупномасштабной действующей сети, включая как перейти с устаревшей глобальной сети на SD-WAN. Вы познакомитесь с передовыми методами настройки протоколов маршрутизации в центре обработки данных и филиалах, а также узнаете, как реализовать расширенные политики управления, данных и приложений. В курсе также рассматриваются варианты развертывания и миграции SD-WAN, размещение контроллеров, способы развертывания периферийных устройств WAN и настройка прямого доступа в Интернет (DIA). В курсе рассматриваются различные доступные варианты безопасности Cisco SD-WAN, такие как корпоративный брандмауэр с поддержкой приложений, система предотвращения вторжений (IPS), фильтрация URL-адресов, усовершенствованная защита от вредоносных программ Cisco (AMP),
Этот курс поможет вам подготовиться к сдаче экзамена по внедрению решений Cisco SD-WAN (300-415 ENSDWI), который является частью сертификации CCNP® Enterprise. Вы также получите 32 кредита непрерывного образования (CE) для повторной сертификации.
Этот курс поможет вам научиться использовать Cisco SD-WAN для:
Создайте транспортно-независимую глобальную сеть для снижения затрат и повышения гибкости
Соблюдайте соглашения об уровне обслуживания (SLA) для критически важных бизнес-приложений и приложений, работающих в режиме реального времени.
Обеспечьте безопасную сквозную сегментацию для защиты критически важных вычислительных ресурсов предприятия.
Беспрепятственное расширение в общедоступное облако
Оптимизация взаимодействия с пользователем для приложений типа “программное обеспечение как услуга” (SaaS)
Заработайте 32 балла CE для повторной сертификации
Кому следует записаться:
Установщики системы
Системные интеграторы
Системные администраторы
Сетевые администраторы
Разработчики решений
Цели курса:
После прохождения этого курса вы должны уметь:
Опишите решение Cisco SD-WAN и то, как режимы работы различаются в традиционной WAN и SD-WAN.
Описать варианты для облачного и локального развертывания Cisco SD-WAN.
Объясните, как развернуть устройства WAN Edge.
Изучите процесс Zero-Touch Provisioning (ZTP) и ознакомьтесь с техническими особенностями локального развертывания.
Изучите шаблон конфигурации устройства и опишите новые функции шаблонов конфигурации устройства.
Описать варианты обеспечения масштабируемости, высокой доступности и избыточности.
Объясните, как протоколы динамической маршрутизации развертываются в среде SD-WAN на стороне обслуживания и на стороне транспорта.
Описывать концепции политик Cisco SD-WAN, включая способы определения, присоединения, распределения и применения политик.
Определение и внедрение расширенных политик управления, таких как политики для настраиваемых топологий и вставки служб.
Выявление и внедрение расширенных политик данных, таких как политики управления трафиком и QoS.
Определите и внедрите политику маршрутизации с учетом приложений (AAR).
Внедрение вариантов прямого доступа в Интернет (DIA) и Cisco SD-WAN Cloud OnRamp
Описание компонентов безопасности и интеграции Cisco SD-WAN.
Описать, как проектировать чистые и гибридные решения Cisco SD-WAN, а также как выполнить миграцию на Cisco SD-WAN.
Описывать операции Cisco SD-WAN Day-2, такие как мониторинг, отчетность, ведение журнала, устранение неполадок и обновление.
Описать поддержку Cisco SD-WAN для многоадресной рассылки.
Предварительные требования к курсу:
Перед посещением этого курса вы должны обладать следующими знаниями и навыками:
Знание концепций программно-определяемой сети (SDN) применительно к крупномасштабному развертыванию сети в реальном времени.
Хорошее понимание дизайна корпоративной глобальной сети
Хорошее понимание работы протокола маршрутизации, включая работу как внутреннего, так и внешнего протокола маршрутизации.
Знакомство с безопасностью транспортного уровня (TLS) и безопасностью IP (IPSec)
Эти рекомендуемые предложения Cisco, которые могут помочь вам выполнить следующие предварительные требования:
Внедрение и администрирование решений Cisco (CCNA®)
Внедрение и эксплуатация основных сетевых технологий Cisco для предприятий (ENCOR)
Содержание курса:
Изучение архитектуры Cisco SD WAN
Изучение вариантов развертывания Cisco SD-WAN
Развертывание граничных устройств WAN
Подключение граничных устройств WAN с помощью ZTP и PnP
Использование шаблонов конфигурации устройства
Изучение избыточности, высокой доступности и масштабируемости
Включение маршрутизации на стороне службы и на стороне транспорта
Понимание основ настройки политики Cisco SD-WAN
Определение расширенных политик управления
Внедрение AAR
Изучение вариантов прямого доступа в Интернет и облачного развертывания
Изучение безопасности Cisco SD-WAN
Проектирование и переход на Cisco SD-WAN
Выполнение управления сетью Cisco SD-WAN и устранение неполадок
Изучение поддержки многоадресной рассылки Cisco SD-WAN
План лаборатории:
Развертывание контроллеров Cisco SD-WAN
Добавление граничного маршрутизатора WAN с помощью ZTP
Развертывание устройства Cisco SD-WAN с помощью шаблонов конфигурации
Настройка соответствия контроллера Cisco SD-WAN
Внедрение протоколов маршрутизации на стороне сервиса
Внедрение расширений транспортного местоположения (TLOC)
Внедрение политик контроля
Внедрение политик данных
Внедрение маршрутизации с учетом приложений
Внедрение филиалов и региональных подключений к Интернету
Перенести сайты филиалов
Выполните обновление программного обеспечения Cisco SD-WAN
DNAAS - Leveraging Cisco Intent-Based Networking DNA Assurance
Course Overview
The Leveraging Cisco Intent-Based Networking DNA Assurance (DNAAS) v2.1 course provides you with the skills to monitor and troubleshoot a traditional brownfield network infrastructure by using Cisco® Digital Network Architecture (Cisco DNA™) Assurance. The course focuses on highlighting issues rather than on monitoring data. The advanced artificial intelligence and machine learning features within Cisco DNA Assurance enable you to isolate the root cause of a problem and to take appropriate actions to quickly resolve issues. Cisco DNA Assurance can be used to perform the work of a Level 3 support engineer.
This course will help you:
Monitor, identify, and respond to changing network and wireless conditions
Automate manual operations to reduce the costs associated with human errors, resulting in more uptime and improved security
Save time by using a single dashboard to manage and automate your network
Who should attend
This course is designed for network and software engineers who hold the following job roles:
Network administrators
Network operators
Prerequisites
Before taking this course, you should have the following knowledge and skills: I
Internet web browser usability knowledge
Working knowledge of TCP/IP networking
Familiarity with network management concepts such as Simple Network Management Protocol (SNMP), Syslog, and NetFlow
The following Cisco courses can help you gain the knowledge you need to prepare for this course:
Implementing and Administering Cisco Solutions (CCNA)
Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)
Course Objectives
After taking this course, you should be able to:
Explain the benefits of using Cisco DNA Center in a traditional, enterprise network
Explain at a detailed level the Cisco DNA Center Assurance system architecture, functional components, features, and data-processing concepts
Explain the health scores, metrics, and strategies that you use for monitoring network devices, clients, and applications with Cisco DNA Assurance
Describe how Cisco DNA Center Assurance analyzes the streaming telemetry and collected data, correlates the data, performs root cause analysis, and displays detected issues, insights, and trends
Describe the Cisco DNA Center Assurance troubleshooting tools, mechanisms, strategies, and scenarios to proactively detect and resolve wireless network, client, and application issues and pinpoint the root cause
Deploy and configure Cisco DNA Center to use Assurance features for monitoring and troubleshooting network devices, clients, and applications
Course Outline:
Leveraging Cisco Intent-Based Networking DNA Assurance (DNAAS)
Introducing Cisco DNA Center Assurance
Monitoring Health and Performance with Cisco DNA Center Assurance
Troubleshooting Issues, Observing Insights and Trends
Troubleshooting Wireless Issues with Cisco DNA Center Assurance Tools
Lab Topology
Prepare Cisco DNA Center for Assurance
Monitor Overall Health and the Health of Network Devices
Monitor the Health of Clients and Applications
Troubleshoot Network, Client, and Application Issues
Observer Assurance AI Network Analytics
Analyze Wireless Allocation, Capabilities, and Threats
Monitor Wireless Networks with Advanced Assurance Tools
ENTEIT - Implementing and Troubleshooting Networks Using Cisco ThousandEyes
Course Overview
The Implementing and Troubleshooting Networks Using Cisco ThousandEyes (ENTEIT) v1.0 course is designed to introduce you to and familiarize you with Cisco® ThousandEyes. Through a combination of lectures and hands-on experience, you will learn to implement and configure the Cisco ThousandEyes solution. You will also learn to install and configure the Cisco ThousandEyes agents with different test types. This solution will also enable you to perform root cause analysis when troubleshooting.
This course will help you:
Describe and define Cisco ThousandEyes
Integrate, implement, and deploy Cisco ThousandEyes solutions
Configure Cisco ThousandEyes agents
Perform root cause analysis when troubleshooting
Customize dashboard and reports
Monitor solutions
Administer the system
Who should attend
Network administrators
Network engineers
Network managers
System engineers
Prerequisites
Before taking this course, you should have a:
Basic understanding of network fundamentals
Basic understanding of Internet Control Message Protocol (ICMP), User Datagram Protocol (UDP), Transmission Control Protocol (TCP), HTTP, SSL, and DNS protocol
The following Cisco course may help you meet these prerequisites:
Implementing and Administering Cisco Solutions (CCNA)
Course Objectives
After taking this course, you should be able to:
Describe the Cisco ThousandEyes solution and its high-level use cases
Identify different types of ThousandEyes agents and supported tests
Describe different Enterprise Agent deployment options, requirements, and procedures for agent deployment
Describe different ThousandEyes test types
Compare Thousand Eyes web layer tests
Describe the role of an Endpoint Agent
Deploy and Configure an Endpoint Agent
Utilize ThousandEyes when performing the root cause analysis
Discuss the challenges that ThousandEyes Internet Insights can address
Describe the role and configuration of default and custom alerts
Distinguish between usability of dashboards and reports
Utilize ThousandEyes to monitor solutions end-to-end
Describe how to perform system administration
Course Outline:
Implementing and Troubleshooting Networks using Cisco ThousandEyes (ENTEIT)
Introducing Cisco ThousandEyes
Introducing Cisco ThousandEyes Agents and Tests
Deploying Enterprise Agents
Describing ThousandEyes Routing, Network DNS, and Voice Tests
Describing Cisco ThousandEyes Web Tests
Introducing Endpoint Agents
Deploying Endpoint Agents
Troubleshooting with Cisco ThousandEyes
Using Internet Insights
Configuring Alerts
Customizing Dashboards and Reports
Monitoring Solutions
Administrating the System
Lab Topology
Schedule a Test
Deploy Enterprise Agent
Configure Network, DNS, and Voice Tests
Configure Web Tests
Deploy and Configure an Endpoint Agent
Examine Internet Insights
Configure Alerts
Build a Dashboard and Report
Account Administration
IBNTRN - Transforming to a Cisco Intent-Based Network
Course Overview
The Transforming to a Cisco Intent-Based Network (IBNTRN) v1.1 course teaches you how the functionality of Cisco® SD-Access fits into Cisco Digital Network Architecture (Cisco DNA™). Through a combination of lessons and hands-on learning, you will practice operating, managing, and integrating Cisco DNA Center, programmable network infrastructure, and Cisco SD-Access fundamentals. You will learn how Cisco delivers intent-based networking across the campus, branch, WAN, and extended enterprise and ensures that your network is operating as intended.
How you’ll benefit
This course will help you:
Configure an open, software-driven approach that makes the network simpler, more agile, and responsive to business needs
Leverage the functionality of Cisco DNA Center to streamline operations, reduce costs, detect and contain threats, and continuously align the network to business needs
Who should attend
Channel partners and resellers
Network administrators
Network engineers
Sales engineers
System engineers
Technical architects
Technical support personnel
Prerequisites
To fully benefit from this course, you should have the following knowledge:
Understanding of network routing and switching principles equivalent to a CCNP® Enterprise level
Experience with Cisco Unified Wireless Network technologies
Experience with Cisco ISE, 802.1x, and Cisco TrustSec
Understanding of segmentation technologies such as VLANs and Virtual Routing and Forwarding (VRF)
Basic understanding of overlay technologies such as Virtual Extensible LAN (VXLAN)
Basic understanding of Locator ID Separation Protocol (LISP).
Recommended Cisco courses that may help you meet these prerequisites:
Understanding Cisco Wireless Foundations (WLFNDU)
Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)
Configuring Cisco ISE Essentials for SD-Access (ISESDA)
Course Objectives
After taking this course, you should be able to:
Identify the Cisco Digital Network Architecture solution by describing the vision, strategy, general concepts, and components.
Describe the Cisco DNA Center design application, hierarchical network design, and basic network settings, and describe the integration of Cisco DNA Center with Cisco Identity Services Engine (Cisco ISE) for Automation and Assurance.
Describe the Cisco DNA Center Inventory and the available mechanisms for discovering and adding network devices, and explore the device compatibility with Cisco DNA Center and SD-Access.
Describe the Cisco DNA Center automation features such as configuration templates, software image maintenance, and Plug and Play (PnP) device onboarding.
Explore the Cisco DNA Center user interface, the available workflows for onboarding devices, and how to design and manage a network.
Introduce Cisco SD-Access, describe the different node types in the fabric and the two-level segmentation provided by the solution, and take a deep dive into the control and data plane protocols used in Cisco SD-Access.
Describe the Cisco DNA Center workflow for deploying Cisco SD-Access, defining all the prerequisite network settings and profiles, defining the required policies, creating fabric domains and sites, and provisioning fabric nodes.
Create and manage fabric domains and sites, provision fabric devices, and onboard your endpoints in a single site or distributed fabric campus network.
Describe the features available for automating and monitoring wireless networks with Cisco DNA Center, and describe the available deployment models with their benefits and limitations, such as wireless Over-the-Top (OTT) and SD-Access Wireless.
Describe the Cisco SD-Access Extension for IoT solution, its architecture and components, and the benefits and limitations of the solution
Describe the use cases and migration scenarios for migrating users from traditional campus to SD
Course Outline:
Transforming to a Cisco Intent-Based Network (IBNTRN)
Introducing Cisco DNA Architecture
Cisco DNA Center Design
Cisco DNA Center Inventory
Cisco DNA Center Automation
Explore Cisco DNA Center and Automating Network Changes
Introducing Cisco Software-Defined Access
Deploying Cisco Software-Defined Access
Deploy Wired Fabric Networks with Cisco DNA Center
Cisco SD-Access for Wireless
Cisco SD-Access Extension for IoT
Deploy Brownfield and Fabric Wireless Network with Cisco DNA Center
Migrating to Cisco SD-Access
Cisco SD-Access Multicast
Integrating Cisco DNA Center
Deploy SD-Access Layer 2 Borders and Multicast and Integrate Cisco DNA Center with External Services or Applications
Understanding Programmable Network Infrastructure
Operating and Managing Cisco DNA Infrastructure
Test Drive Cisco DNA Center APIs
Lab Topology
Explore Cisco DNA Center and Automate Network Changes
Deploy Wired Fabric Networks with Cisco DNA Center
Deploy Brownfield and Fabric Wireless Network with Cisco DNA Center
Deploy SD-Access Layer 2 Borders and Multicast and Integrate Cisco DNA Center with External Services or Applications
MCAST - Implementing Cisco Multicast
Course Overview
The Implementing Cisco Multicast (MCAST) v2.0 course is a five-day instructor-led course covering the fundamentals of IP multicasting, which includes multicast applications, sources, receivers, group management, and IP multicast routing protocols (such as Protocol Independent Multicast, PIM) used within a single administrative domain (intradomain). The issues of switched LAN environments and reliable IP multicasting are covered as well. The course provides technical solutions for simple deployments of IP multicast within a provider or customer network. The curriculum provides the configuration and troubleshooting guidelines for implementation of IP multicast on Cisco routers. The labs provide students with the hands-on experience needed to successfully deploy IP multicast.
Who should attend
The primary audience for this course is as follows:
Network professionals, including systems engineers
Partners
Customers
Prerequisites
We recommend that you have the following knowledge and skills before taking this course:
Work experience and configuration skills for Cisco routers and LAN switches
Course Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
Introduce IP multicast services, to evaluate the functional model of IP multicasting and the technologies present in IP multicasting, acknowledge IP multicast benefits and associated caveats, and determine various types of multicast applications in order to understand the IP multicast conceptual model and its implementation prerequisites
Identify IP multicast issues on a data link layer, explain the methods of mapping network layer multicast addresses to data link layer addresses, and list the mechanisms for constraining multicast streams in a LAN environment
Introduce Protocol Independent Multicast sparse mode (PIM-SM) as the most current scalable IP multicast routing protocol to learn the principles of protocol operation and details, become familiar with the determinism built into sparse mode multicast protocols, and configure and deploy PIM-SM in complex IP multicast network deployments
Review RP distribution solutions, recognize the drawbacks of manual RP configuration, become familiar with the Auto-Rendezvous Point (Auto-RP) and the bootstrap router
(BSR) mechanisms, and introduce the concept of Anycast RP that works in combination with the Multicast Source Discovery Protocol (MSDP)
Recognize the drawbacks of the PIM-SM and introduce two extensions to provide possible solutions; learn about mechanics of the Source Specific Multicast (SSM) and bidirectional mode of PIM-SM in order to configure and deploy SSM and bidirectional mode of the PIM-SM in a large service provider network
Explain basic concepts of Multiprotocol BGP (MP-BGP) and its use in the IP multicast environment, apply steps that are associated with configuring MP-BGP with Address Family Identifier (AFI) syntax to support IP multicast in the interdomain environment
Configure and deploy MSDP in the interdomain environment
Introduce solutions to mitigate security issues in the IP multicast network. Examine and implement suitable virtual private network (VPN) technologies, such as Generic Routing Encapsulation (GRE) with IP Security (IPsec) and Group Encrypted Transport (GET) VPN
Describe the process of monitoring and maintaining multicast high-availability operations, introduce the PIM triggered join feature, and describe how load splitting IP multicast traffic over Equal-Cost Multipath (ECMP) works
Course Outline:
IP Multicast Concepts and Technologies
Introducing IP Multicast
Understanding the Multicast Service Model
Defining Multicast Distribution Trees and Forwarding
Reviewing Multicast Protocols
Multicast on the LAN
Mapping Layer 3 to Layer 2
Working with Cisco Group Management Protocol
Using IGMP Snooping
PIM Sparse Mode
Introducing Protocol Independent Multicast Sparse Mode
Understanding PIM-SM Protocol Mechanics
Using PIM-SM in a Sample Situation
Configuring and Monitoring PIM-SM
Rendezvous Point Engineering
Identifying RP Distribution Solutions
Implementing Auto-RP
Using PIMv2 BSR
Using Anycast RP and MSDP
PIM Sparse Mode Protocol Extensions
Introducing Source Specific Multicast
Configuring and Monitoring SSM
Reviewing Bidirectional PIM
Configuring and Monitoring Bidirectional PIM
Multiprotocol Extensions for BGP
Introducing MP-BGP
Configuring and Monitoring MP-BGP
Interdomain IP Multicast
Examining Dynamic Interdomain IP Multicast
Explaining Multicast Source Discovery Protocol
Using MSDP SA Caching
Configuring and Monitoring MSDP
IP Multicast Security
Introducing IP Multicast and Security
Securing a Multicast Network
Multicast Optimization and High-Availability Features
Using Multicast Optimization and High-Availability Features
Applications of Multicast
Exploring IP Multicast and Video Applications
Using IP Multicast in Mission-Critical Environments
Exploring How Enterprise IT Uses IP Multicasting Globally
SDWSCS - Implementing Cisco SD-WAN Security and Cloud Solutions
Course Overview
The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS) v1.0 course is an advanced training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and TLS or SSL decryption. You will also learn about cloud integration with multiple cloud services providers and multiple use-cases.
Additionally, the lab will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows.
This course will help you:
Introduce you to the security and cloud services available in Cisco SD-WAN.
Expand your knowledge of integrated security services, such as the application aware firewall and intrusion prevention and cloud and collocated security services in on-premises and private or public cloud environments.
Help you understand drivers, benefits, available features, and the architecture of Cisco SD-WAN integrated and distributed security and cloud networking services.
Who should attend
This course is designed for the following roles:
Network engineers
Network security engineers
Network architects
Sales/presales engineers
Prerequisites
Before taking this course, you should have a:
Basic understanding of enterprise routing
Basic understanding of WAN networking
Basic understanding of Cisco SD-WAN
Basic understanding of Public Cloud services
These recommended Cisco learning offerings may help students meet these prerequisites:
Implementing and Administering Cisco Solutions (CCNA)
Implementing Cisco SD-WAN Solutions (ENSDWI)
Cisco SD-WAN Operation and Deployment (SDWFND)
Course Objectives
After completing the course, you should be able to:
Describe Cisco SD-WAN security functions and deployment options
Understand how to deploy on-premises threat prevention
Describe content filtering options
Implement secure Direct Internet Access (DIA)
Explain and implement service chaining
Explore Secure Access Service Edge (SASE) and identify use cases
Describe Umbrella Secure Internet Gateway (SIG) and deployment options
Implement Cisco Umbrella SIG and DNS policies
Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365)
Discover how to use Cisco ThousandEyes to monitor cloud services
Configure Cisco ThousandEyes to monitor Microsoft 365 applications
Examine how to protect and optimize access to the software as a service (SaaS) application with Cisco SD-WAN Cloud OnRamp
Discover and deploy Cloud OnRamp for multi-cloud, including interconnect and collocation use cases
Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics.
Course Outline:
Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS)
Introducing Cisco SD-WAN Security
Deploying On-Premises Threat Prevention
Examining Content Filtering
Exploring Cisco SD-WAN Dedicated Security Options
Examining Cisco SASE
Exploring Cisco Umbrella SIG
Securing Cloud Applications with Cisco Umbrella SIG
Exploring Cisco SD-Wan ThousandEyes
Optimizing SaaS Applications
Connecting Cisco SD-WAN to Public Cloud
Examining Cloud Interconnect Solutions
Exploring Cisco Cloud OnRamp for Colocation
Monitoring Cisco SD-WAN Cloud and Security Solutions
Lab Topology
Configure Threat Prevention
Implement Web Security
Deploy DIA Security with Unified Security Policy
Deploy Service Chaining
Configure Cisco Umbrella DNS Policies
Deploy Cisco Umbrella Secure Internet Gateway
Implement CASB Security
Microsoft 365 SaaS Testing by Using Cisco ThousandEyes
Configure Cisco OnRamp for SaaS
Deploy Cisco SD-WAN Multicloud Gateways
Cisco vAnalytics Overview
CCECE - Implementing Cisco Contact Center Enterprise Chat & Email
Course Overview
The Implementing Cisco Contact Center Enterprise Chat and Email (CCECE) v1.0 course teaches you how to deploy Cisco® Enterprise Chat and Email (ECE) into an existing Enterprise Contact Center environment. You will learn the steps required to prepare and configure both Cisco Packaged Contact Center Enterprise (PCCE) and ECE environments for integration, as well as gain experience with the operation and administration tasks required for initial ECE deployment. Additionally, you will experience ongoing system administration tasks such as enabling Single Sign-On (SSO), importing objects, preparing queues and workflows, using the scripting tool, generating reports, and enabling system logs for troubleshooting. Finally, you will also learn how to implement features that enhance ECE operations for Agents.
How you’ll benefit
This course will help you:
Configure, integrate, and deploy Cisco Enterprise Chat and Email into existing Enterprise Contact Center environments
Grow your understanding of Cisco ECE administration and features
Who should attend
Deployment engineers
Prerequisites
Before taking this course, student should have:
Strong knowledge of computer networking components: Windows A/D, SQL
Strong understanding of IP networks
Advanced experience administering Cisco Packaged Contact Center Enterprise
Experience deploying Cisco Packaged Contact Center Enterprise
Course Objectives
After taking this course, you should be able to:
Describe the ECE solution as deployed with Cisco Contact Center Enterprise (CCE)
Define the components of ECE that make up the available deployment models available for enterprise solutions
Utilize the Classic ECE interface to differentiate between partitions
Utilize the Classic ECE interface to differentiate between processes and instances
Configure the PCCE requirements necessary to integrate ECE
Configure the requirements necessary to integrate ECE with the Single Pane of Glass used with PCCE
Configure the requirements necessary to integrate ECE with email services
Add the ECE Agent gadget to the Cisco Finesse Desktop layout
Describe the installation requirements for a high-availability deployment of ECE
Describe a basic email and chat call flow through the ECE/PCCE environment
Understand the general operational requirements for adding CCE Agent, skill, and scripting objects and importing them into CCE
Navigate the administrative tabs in both the Business Partition and Department view of the Single Pane of Glass
Add and import objects into the ECE
Describe the configurations options found in the Email and Chat Queue
Describe the configuration and verification of chat functionality in a CCE ECE environment
Configure and verify ECE settings
Configure an entry point for a chat queue and introduce template sets
Customize the chat experience
Define and verify the configuration requirements to deploy callback and delayed callback
Describe the benefits of implementing Agent Single Sign-on in the ECE/CCE environment
Configure the requirements necessary to implement Agent Single Sign-on in the ECE/CCE environment
Course Outline:
Implementing Cisco Contact Center Enterprise Chat & Email (CCECE)
Deploying Cisco Enterprise Chat and Email
ECE General administration
Cisco ECE Email administration
Cisco ECE Chat administration
Cisco Enterprise Chat and Email features
Lab Topology
Navigate CCE discovery architecture and components
Navigate ECE and CCE discovery architecture and components
Navigate ECE Email and Cisco Finesse integration
Add and Import CCE Resources into ECE
Personalize the Email Trail
Build a Department Workflow
Build CCE Script for Email
Agent Verification of Email
Configure and Verify Chat Operation
Customize Chat
Explore Reporting for ECE
Support Single Sign On (SSO) for ECE
Troubleshoot ECE
Cisco Service Provider
BGP - Configuring BGP on Cisco Routers V4.0
Длительность: 5 дней (40 часов)
Код курса: BGP
Стоимость обучения.
Очный формат: 829 000 ₸
Онлайн формат: 788 000 ₸
Записаться
Кому следует посетить
Инженерам сопровождения и технической поддержки.
Специалистам технических и инженерных служб
Системным администраторам
Предварительные требования
Внедрение и администрирование сетевых решений Cisco (CCNA)
Осуществление IP маршрутизации Cisco – ROUTE
Цели курса
Курс Configuring BGP on Cisco® Routers (BGP) v4.0 предоставляет слушателям глубокие знания протокола маршрутизации BGP, который лежит в основе работы Internet и новых технологий, таких как Multiprotocol Label Switching (MPLS). В курсе рассматриваются теория, конфигурация BGP на маршрутизаторах Cisco® и методы отладки работы BGP. Также рассматриваются вопросы проектирования BGP в сетях и правила использования различных функций BGP.
Приобретаемые практические знания
По заданному сценарию конфигурировать, отслеживать и отлаживать работу BGP для организации междоменной маршрутизации на нескольких автономных системах
В сетях с подключением AS к нескольким ISP управлять политиками BGP для влияния на выбор маршрута
Использовать атрибуты BGP для управления выбором маршрута
Подключать пользовательскую сеть к Internet
Конфигурировать BGP в транзитной автономной системе
Описывать вопросы масштабирования BGP, настраивать отражение маршрута(route reflection), конфедерации
Оптимизировать BGP в работающей сети
Содержание курса
Модуль 1. Обзор BGP
Введение в BGP
Понимание BGP Path Attributes
Установка сессий BGP
Обработка маршрутов BGP
Базовая конфигурация BGP
Мониторинг BGP и поиск неисправностей
Модуль 2. Транзитные автономные системы в BGP
Работа с транзитной AS
Взаимодействие по IBGP и EBGP в транзитной AS
Пересылка пакетов в транзитной AS
Конфигурация транзитной AS
Мониторинг IBGP и поиск неисправностей в транзитной AS
Модуль 3. Выбор маршрутов с использованием управления политиками
Использование сетей BGP с несколькими подключениями к внешним сетям
Использование фильтров AS-Path
Фильтрация с использованием префикс-листов
Использование исходящей фильтрации маршрутов
Применение Route-Map в качестве фильтров BGP
Применение изменений в политике BGP
Модуль 4. Выбор маршрутов с использованием атрибутов
Влияния на процесс выбора маршрута BGP с помощью атрибута Weight
Установка атрибута BGP Local Preference
Использование AS-Path Prepending
Понимание атрибута BGP Multi-Exit Discriminator
Об атрибуте BGP Community
Модуль 5. Подключение Потребитель-Провайдер с помощью BGP
Понимание требований к Подключению Потребитель-Провайдер
Организация подключения Потребителя с использованием статической маршрутизации
Подключение Потребителя к одному провайдеру по нескольким каналам
Подключение Потребителя к нескольким провайдерам
Модуль 6. Масштабирование сетей провайдеров услуг
Масштабирование IGP и BGP в сетях провайдеров услуг
Введение в отражатели маршрутов (Route Reflector)
Дизайн сетей с Отражателями Маршрутов
Конфигурация и мониторинг Отражателей Маршрутов
Введение в Конфедерации
Конфигурация и мониторинг Конфедераций
Модуль 7. Оптимизирование масштабируемости BGP
Улучшение сходимости BGP
Ограничение числа префиксов, получаемых от соседа BGP
Применение групп соседей BGP (Peer Group)
Использование подавления маршрутов BGP (Route Dampening)
MPLS - Implementing Cisco MPLS v3.0
Длительность: 5 дней (40 часов)
Код курса: MPLS
Стоимость обучения.
Очный формат: 822 000 ₸
Онлайн формат: 781 000 ₸
Записаться
Кому следует посетить
Сотрудники компаний-провайдеров
Channel Partner/Reseller
Конечные заказчики
Сертификации
Этот курс является частью следующих программ сертификаций:
Cisco Certified Design Expert (CCDE)
Предварительные требования
Сертификация Cisco Certified Network Associate (CCNA) или аналогичный уровень знаний и опыта
Рекомендуется освоение материалов курса CCNA Basics и ICND или аналогичный уровень знаний и опыта, который может быть получен при прохождении курсов Cisco
Курс построения масштабируемых сетей Cisco (BSCI) и Конфигурирование BGP на роутерах Cisco (BGP)
Настоятельно рекомендуется обладание практическим опытом построения и эксплуатации сетей на оборудовании Cisco
Курс QoS рекомендуется, так как знание QoS подразумевается в некоторых частях курса
Цели курса
Курс позволит слушателям получить информацию от основ технологии до сложных конфигураций VPN. Основное внимание в курсе уделяется технологиям MPLS VPN с точки зрения Сервис провайдера и конфигурированию оборудования для достижения этих функций в текущей маршрутизируемой среде. Предоставляется базовая информация по продвинутым возможностям и функциям, таким как Traffic Engineering, Fast Reroute и Any Transport over MPLS (AToM), которые представлены только на уровне концепции. MPLS Traffic Engineering и другие возможности путем дополнительного целевого изучения документации, также они будут освещаться в других курсах Cisco.
По окончании данного курса слушатели смогут:
Описать базовые архитектуры MPLS в frame-mode и cell-mode и идентифицировать, как они поддерживают приложения, решающие текущие проблемы в классической маршрутизации IP
Описать процесс распространения меток Label Distribution Protocol (LDP) объясняя назначении меток, распространение меток, сохранение меток, сходимость LDP и Penultimate Hop Popping (PHP) в двух режимах работы протокола.
Видя диаграмму типичного решения для сетей MPLS идентифицировать команды IOS необходимые для конфигурации и наблюдения за протоколом MPLS на маршрутизаторах WAN
Описать архитектуру связи MPLS’s каждый-с каждым и объяснить модель маршрутизации и распространения пакетов в этой архитектуре
Видя диаграмму типичного решения для сетей MPLS идентифицировать команды IOS необходимые для конфигурации и наблюдения за работой простых MPLS VPN сетей
Успешно реализовать типичные решения для сложных VPN и описать, как эти модели используются для реализации управляемых централизованных сервисов и подключения к Интернет
Конфигурировать базовые сервисы технологии MPLS TE, идентифицировать основные сетевые сценарии где применение технологии MPLS TE является необходимым и оправданным
Программа курса
Модуль 1. Функции MPLS
Технология MPLS
Описание меток и стеков меток MPLS
Сервисы MPLS
Модуль 2. Назначение и распределение меток
Протокол LDP
Распределение меток в Frame-Mode MPLS
Описание сходимости в Frame-Mode MPLS
Модуль 3. Внедрение Frame-Mode MPLS на платформе Cisco IOS
Использование коммутации Cisco Express Forwarding
Настройка Frame-Mode MPLS на платформе Cisco IOS
Проверка Frame-Mode MPLS на платформе Cisco IOS
Поиск и устранение неисправностей в Frame-Mode MPLS на платформе Cisco IOS
Модуль 4. Технология MPLS VPN
Знакомство с VPN
Знакомство с архитектурой MPLS VPN
Знакомство с моделью маршрутизации MPLS VPN
Пересылка пакетов MPLS VPN
Модуль 5. Внедрение MPLS VPN
Использование механизмов MPLS VPN на платформах Cisco IOS
Настройка таблиц VRF
Настройка MP-BGP сессий между пограничными маршрутизаторами провайдера
Настройка протоколов маршрутизации малой масштабируемости между маршрутизаторами провайдера и клиента
Проверка работы MPLS VPN
Настройка OSPF как протокола маршрутизации между маршрутизаторами провайдера и клиента
Настройка BGP как протокола маршрутизации между маршрутизаторами провайдера и клиента
Поиск и устранение неисправностей MPLS VPN
Модуль 6. Комплексные MPLS VPN
Знакомство с Overlapping VPN
Знакомство с Central Services VPN
Использование расширенных функций импорта и экспорта VRF
Знакомство с сервисом управляемых маршрутизаторов клиента
Модуль 7. Доступ в интернет и MPLS VPN
Комбинирование доступа в интернет и MPLS VPN
Внедрение раздельных сервисов доступа в интернет и VPN
Внедрение доступа в интернет как отдельного VPN
Модуль 8. Обзор MPLS TE
Знакомство с концепцией Traffic Engineering
Обзор компонентов MPLS TE
Настройка MPLS TE на платформе Cisco IOS
Проверка настроек MPLS TE на платформе Cisco IOS
IP6FD - Основы протокола IPv6, дизайн и построение сетей на его основе
Длительность: 5 дней (40 часов)
Код курса: IP6FD
Стоимость обучения.
Очный формат: 746 000 ₸
Онлайн формат:709 000 ₸
Записаться
Предварительные требования:
Данный курс является курсом повышенной сложности и для того, чтобы курс прошел максимально эффективно для слушателей, необходимо посетить следующие курсы:
Junos Troubleshooting in the NOC (JTNOC);
Advanced Junos Service Provider Routing (AJSPR);
Junos MPLS and VPNs (JMV);
Junos Multicast Routing (JMR);
Junos Class of Service (JCOS).
Описание курса:
2-дневный курс AJSPT включает следующие темы: поиск и устранение неисправностей аппаратной и программной частей маршрутизатора, протоколов OSPF, IS-IS, BGP,политик маршрутизации, MPLS, VPN (2 и 3 уровней), CoS, а также работа с проблемами, возникающими в результате потери и задержки пакетов. Данный курс состоит из теоретического материала и практических занятий, в процессе выполнения которых слушатели изучат основные принципы и команды, используемые в процессе мониторинга и устранения неисправностей. Лабораторные работы выполняются на оборудовании MX-серии, но это не препятствует использовать полученные знания и навыки при работе с другими платформами под ОС JUNOS.
Для кого предназначен курс:
Курс рекомендован и будет полезен специалистам, которые занимаются настройкой, мониторингом и устранением неисправностей на оборудовании операторов связи.
Программа курса:
Module 1: Introduction to IPv6
Lesson 1-1: Explaining the Rationale for IPv6
Lesson 1-2: Evaluating IPv6 Features and Benefits
Lesson 1-3: Understanding Market Drivers
Module 2: IPv6 Operations
Lesson 2-1: Understanding the IPv6 Addressing Architecture
Lesson 2-2: Describing the IPv6 Header Format
Lesson 2-3: Enabling IPv6 on Hosts
Lesson 2-4: Enabling IPv6 on Cisco Routers
Lesson 2-5: Using ICMPv6 and Neighbor Discovery
Lesson 2-6: Troubleshooting IPv6
Module 3: IPv6 Services
Lesson 3-1: IPv6 Mobility
Lesson 3-2: Describing DNS in an IPv6 Environment
Lesson 3-3: Understanding DHCPv6 Operations
Lesson 3-4: Understanding QoS Support in an IPv6 Environment
Lesson 3-5: Using Cisco IOS Software Features
Module 4: IPv6-Enabled Routing Protocols
Lesson 4-1: Routing with RIPng
Lesson 4-2: Examining OSPFv3
Lesson 4-3: Examining Integrated IS-IS
Lesson 4-4: Examining EIGRP for IPv6
Lesson 4-5: Understanding MP-BGP
Lesson 4-6: Configuring IPv6 Policy-Based Routing
Lesson 4-7: Configuring FHRP for IPv6
Lesson 4-8: Configuring Route Redistribution
Module 5: IPv6 Multicast Services
Lesson 5-1: Implementing Multicast in an IPv6 Network
Lesson 5-2: Using IPv6 MLD
Module 6: IPv6 Transition Mechanisms
Lesson 6-1: Implementing Dual-Stack
Lesson 6-2: Describing IPv6 Tunneling Mechanisms
Module 7: IPv6 Security
Lesson 7-1: Configuring IPv6 ACLs
Lesson 7-2: Using IPsec, IKE, and VPNs
Lesson 7-3: Discussing Security Issues in an IPv6 Transition Environment
Lesson 7-4: Understanding IPv6 Security Practices
Lesson 7-5: Configuring Cisco IOS Firewall for IPv6
Module 8: Deploying IPv6
Lesson 8-1: Examining IPv6 Address Allocation
Lesson 8-2: Understanding the IPv6 Multihoming Issue
Lesson 8-3: Identifying IPv6 Enterprise Deployment Strategies
Module 9: IPv6 and Service Providers
Lesson 9-1: Identifying IPv6 Service Provider Deployment
Lesson 9-2: Understanding Support for IPv6 in MPLS
Lesson 9-3: Understanding 6VPE
Lesson 9-4: Understanding IPv6 Broadband Access Services
Module 10: IPv6 Case Studies
Lesson 10-1: Planning and Implementing IPv6 in Enterprise Networks
Lesson 10-2: Planning and Implementing IPv6 in Service Provider Networks
Lesson 10-3: Planning and Implementing IPv6 in Branch Networks
Lab Details
Lab 2-1: Enabling IPv6 on Hosts
Lab 2-2: Using Neighbor Discovery
Lab 3-1: Using Prefix Delegation
Lab 4-1: Routing with OSPFv3
Lab 4-2: Routing with IS-IS
Lab 4-3: Routing with EIGRP
Lab 4-4: Routing with BGP and MP-BGP
Lab 5-1: Multicasting
Lab 6-1: Implementing Tunnels for IPv6
Lab 7-1: Configuring Advanced ACLs
Lab 7-2: Implementing IPsec and IKE
Lab 7-3: Configuring Cisco IOS Firewall
Lab 9-1: Configuring 6PE and 6VPE
SRFW - Cisco Segment Routing Fundamentals Workshop
Длительность: 5 дней (40 часов)
Код курса: SRFW
Стоимость обучения.
Очный формат: 1 343 000 ₸
Онлайн формат: 1 276 000 ₸
Записаться
Описание:
в данном курсе рассматривается применение технологии Segment Routing’а. Разбираются механизмы обмена информацией, необходимой для работы Segment Routing’а, с применением протоколов семейства IGP. Также рассматриваются механизмы работы избыточности TI-LFA, а также механизмы Traffic Engineering. Кроме того, в курсе пойдет речь про маршрутизацию трафика с помощью Segment Routing’а в схеме с несколькими доменами маршрутизации.
Курс будет интересен:
инженерам и архитекторам сервис-провайдеров.
Программа курса:
Часть 1. Introduction to Segment Routing / Введение в Segment Routing
Exploring Segment Routing Concepts / Основные концепции Segment Routing’а
Examining Segment Types / Сегменты и их основные типы
Examining the Segment Routing Global Block (SRGB) / Глобальное пространство сегментов
IPv6 Data Plane for Segment Routing / Segment Routing в сетях IPv6
Часть 2. IGP Segment Routing Implementation / Работы механизмов Segment Routing’а в протоколах IGP
Examining the IGP Control Plane / Сигнальная часть IGP
Examining SRGB and IGP Interactions / Распространение информации о сегментах через IGP
Examining Prefix and Adjacency SIDs / Идентификаторы сегментов[SID] для префиксов и соседств
Intermediate System to Intermediate System (IS-IS) Multilevel and Open Shortest Path First (OSPF) Multi-Area / Применение сегментов в IS-IS и OSPF
Configuring and Verifying IS-IS SR Operation / Настройка и проверка Segment Routing в IS-IS
Configuring and Verifying OSPF SR Operation / Настройка и проверка Segment Routing в OSPF
Часть 3. Topology Independent – Loop Free Alternate / Механизмы избыточности TI-LFA с применением Segment Routing’а
Examining Classic LFA / Классический LFA
Examining TI-LFA Fundamentals / Основы TI-LFA
Implementing TI-LFA for SR Traffic / Применение TI-LFA для маршрутизации трафика с применением Segment Routing’а
Implementing SR TI-LFA for LDP Traffic / Применение TI-LFA для MPLS LDP туннелей
TI-LFA and SR LDP Interworking / Работы TI-LFA совместно с Segment Routing’ом для MPLS LDP туннелей
Часть 4. Segment Routing Policies – Traffic Engineering (SR-TE) / Политики Segment Routing’а и механизмы Traffic Engineering
Exploring SR Policies / Политики Segment Routing’а
Introducing the Anycast and Binding SIDs / Anycast маршрутизация
Enabling and Verifying SR Policies / Включение и проверка политик Segment Routing’а
Instantiating SR Policies / Распространение политик Segment Routing’а по сети
Instantiating SR Policies using BGP Dynamic / Распространение Segment Routing’а через BGP
On-Demand Next-hop
Часть 5. Multidomain SR Policies / Политик Segment Routing’а между доменами маршрутизации
Configuring and Verifying a Path Computation Element (PCE) / Настройка и проверка PCE
Configuring and Verifying BGP Link-State (LS) / Настройка и проверка BG-LS
Configuring Multidomain SR Policies with a PCE / Настройка и проверка политик Segment Routing’а с помощью PCE
Часть 6. Segment Routing–Based Services / Сервисы, основанные на Segment Routing’е
Examining the BGP Prefix-SID Operation / Работа BGP Prefix-SID
Configuring and Verifying the BGP Prefix SID / Настройка и проверка BGP Prefix-SID
SR Flexible Algorithm and Performance Measurement (PM) Delay / Использование гибких алгоритмов для задания правил выбора лучшего маршрута
SPFNDU - Understanding Cisco Service Provider Network Foundations
Длительность: 5 дней (24 часа)
Код курса: SPFNDU
Стоимость обучения.
Очный формат: 753 000 ₸
Онлайн формат: 715 000 ₸
Записаться
Course Overview
The Understanding Cisco Service Provider Network Foundations (SPFNDU) v1.0 course is designed to provide you with the foundational knowledge for the suite of Cisco® CCNP® Service Provider courses. The course expands what you learned from the Cisco CCNA® course with a focus on theoretical and practical knowledge needed for the Service Provider environment. Through a combination of lessons and hands-on practice, you will learn about architectures, protocols, software and hardware platforms, and solutions within the Service Provider realm. While this course does not lead directly to a certification exam, it does cover foundational knowledge critical to the success in the Service Provider Technology track. This course also earns you 30 Continuing Education (CE) credits towards recertification.
This course will help you:
Acquire the foundational knowledge to understand the Cisco Service Provider Network methodologies, tools, and functions
Learn the skills to manage the software and hardware platforms, structures, and protocols within the Service Provider realm
Who should attend
This course is designed for network and software engineers and hold job roles such as:
Network administrator
Network engineer
Network manager
System engineer
Project manager
Network designer
Prerequisites
Before taking this course, you should have the following knowledge and skills:
Knowledge of IPv4 and IPv6 Transmission Control Protocol/Internet Protocol (TCP/IP) networking
Familiarity with typical service provider environment
Basic knowledge about networking devices and their roles
Course Objectives
After taking this course, you should be able to:
Describe network architectures, devices, and software used by service providers
Describe the various Internet governance organizations, their roles, and tools available for governance information verification
Configure Cisco Internetwork Operating System (Cisco IOS®) and Cisco IOS XE routers
Describe Cisco IOS XR software, perform initial configuration, and explain platform daily tasks
Describe various access and core technologies used by service providers
Describe various major switching technologies used by service providers
Describe major overlay technologies and their usage, and configure Virtual Extensible LAN I (VxLAN)
Describe various major routing protocols used by service providers
Configure Layer 3 services used by service providers
Describe Multiprotocol Label Switching (MPLS), components, protocols, and MPLS usage
Describe usage of various services used and maintained by service providers
Introduce Linux networking, Bourne Again Shell (BASH) scripting, and their usage within Cisco IOS XR software
Lab Topology
Review Lab Environment
Examine Governance Data
Perform an Initial Cisco Internetworking Operating System (IOS XE) Configuration
Configure Connectivity and Connectivity Verification on Cisco IOS XE Devices
Perform Initial Cisco IOS XR Configuration
Configure and Verify Connectivity on Cisco IOS XR
Configure Intermediate System to Intermediate System (IS-IS)
Configure Routing Information Protocol (RIPv2) and RIP extension (RIPng)
Configure Basic Border Gateway Protocol (BGP)
Configure MPLS
Configure Internet Protocol Service Level Agreement (IP SLA)
Configure Hot Standby Router Protocol (HSRP) with Object Tracking
Configure Virtual Routing and Forwarding (VRFs)
Configure Network Time Protocol (NTP)
Use Linux Command Line Interface
Configure IOS XR Using a Bash Script
Outline:
Introducing Service Provider Architectures
Describing Internet Governance Organizations
Configuring the Cisco IOS and Cisco IOS XE Router
Configuring Cisco IOS XR Router
Introducing Access and Core Technologies in the Service Provider Environment
Introducing Routing Technologies in the Service Provider Environment
Describing MPLS
Implementing Layer 3 Services
Introducing Switching Technologies in the Service Provider Environment
Introducing Overlay Technologies
Implementing Service Provider Services
Introducing Programmability on Cisco IOS XR Routers
SPCOR - Implementing and Operating Cisco Service Provider Network Core Technologies
Длительность: 5 дней (40 часов)
Код курса: SPCOR
Стоимость обучения.
Очный формат: 753 000 ₸
Онлайн формат: 715 000 ₸
Записаться
Course Objectives
The Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR 350-501) v1.0 course teaches you how to configure, verify, troubleshoot, and optimize next-generation, Service Provider IP network infrastructures. It provides a deep dive into Service Provider technologies including core architecture, services, networking, automation, quality of services, security, and network assurance.
This course also helps you prepare to take the Implementing and Operating Cisco® Service Provider Network Core Technologies (350-501 SPCOR) exam, which is part of the new CCNP® Service Provider certification and the Cisco Certified Specialist – Service Provider Core certification.
This course will help you:
Configure, verify, troubleshoot, and optimize next-generation, Service Provider IP network infrastructures
Deepen your understanding of Service Provider technologies including core architecture, services, networking, automation, quality of services, security, and network assurance
Validate your knowledge and prepare to take the Implementing and Operating Cisco Service Provider Network Core Technologies (350-501 SPCOR) exam
After taking this course, you should be able to:
Describe the Service Provider network architectures, concepts, and transport technologies
Describe the Cisco Internetwork Operating System (Cisco IOS®) software architectures, main IOS types, and their differences
Implement Open Shortest Path First (OSPF) in the Service Provider network
Implement Integrated Intermediate System-to-Intermediate System (IS-IS) in the Service Provider network
Implement Border Gateway Protocol (BGP) routing in Service Provider environments
Implement route maps and routing policy language
Describe IPv6 transition mechanisms used in the Service Provider networks
Implement high-availability mechanisms in Cisco IOS XR software
Implement traffic engineering in modern Service Provider networks for optimal resource utilization
Describe segment routing and segment routing traffic engineering concepts
Describe the VPN technologies used in the Service Provider environment
Configure and verify Multiprotocol Label Switching (MPLS) L2VPN in Service Provider environments
Configure and verify MPLS L3VPN in Service Provider environments
Implement IP multicast services
Describe the Quality of Service (QoS) architecture and QoS benefits for SP networks
Implement QoS in Service Provider environments
Implement control plane security in Cisco devices
Implement management plane security in Cisco devices
Implement data plane security in Cisco devices
Describe the Yet Another Next Generation (YANG) data modeling language
Implement automation and assurance tools and protocols
Describe the role of Cisco Network Services Orchestrator (NSO) in Service Provider environments
Implement virtualization technologies in Service Provider environments
Who should attend
Network administrators
Network engineers
Network managers
System engineers
Project managers
Network designers
Certifications
This course is part of the following Certifications:
Cisco Certified Network Professional Service Provider
Prerequisites
Intermediate knowledge of Cisco IOS or IOS XE
Familiarity with Cisco IOS or IOS XE and Cisco IOS XR Software configuration
Knowledge of IPv4 and IPv6 TCP/IP networking
Intermediate knowledge of IP routing protocols
Understanding of MPLS technologies
Familiarity with VPN technologies
Course Content
Describing Service Provider Network Architectures
Describing Cisco IOS Software Architectures
Implementing OSPF
Implementing IS-IS
Implementing BGP
Implementing Route Maps and Routing Protocol for LLN [Low-Power and Lossy Networks] (RPL)
Transitioning to IPv6
Implementing High Availability in Networking
Implementing MPLS
Implementing Cisco MPLS Traffic Engineering
Describing Segment Routing
Describing VPN Services
Configuring L2VPN Services
Configuring L3VPN Services
Implementing Multicast
Describing QoS Architecture
Implementing QoS
Implementing Control Plane Security
Implementing Management Plane Security
Implementing Data Plane Security
Introducing Network Programmability
Implementing Automation and Assurance
Introducing Cisco NSO
Implementing Virtualization in Service Provider Environments
SPRI - Implementing Cisco Service Provider Advanced Routing Solutions
Длительность: 5 дней (40 часов)
Код курса: SPRI
Стоимость обучения.
Очный формат: 753 000 ₸
Онлайн формат: 715 000 ₸
Записаться
Course Overview
The Implementing Cisco Service Provider Advanced Routing Solutions (SPRI) course teaches you theories and practices to integrate advanced routing technologies including routing protocols, multicast routing, policy language, Multiprotocol Label Switching (MPLS), and segment routing, expanding your knowledge and skills in service provider core networks.
This course prepares you for the 300-510 Implementing Cisco® Service Provider Advanced Routing Solutions (SPRI) exam.
This course will help you:
Gain the high-demand skills to maintain and operate advanced technologies related to Service Provider core networks
Increase your knowledge and skills for implementing Service Provider core advanced technologies through hands-on application and practical instruction
Prepare to take the 300-510 SPRI exam
What to expect in the exam
The 300-510 SPRI exam certifies your knowledge of implementing service provider advanced routing technologies including routing protocols, policy language, MPLS, and segment routing. After you pass 300-510 SPRI, you earn the Cisco Certified Specialist – Service Provider Advanced Routing Implementation certification, and you satisfy the concentration exam requirement for the CCNP Service Provider certification.
Who should attend
This course is for professionals who need knowledge about implementing various Service Provider core technologies and advanced routing technologies.
Network administrators
System engineers
Project managers
Network designers
Certifications
This course is part of the following
Certifications:
Cisco Certified Network Professional Service Provider
Prerequisites
Before taking this course, you should have Service Provider knowledge at the professional level, equivalent to the material in the following Cisco courses:
Intermediate to advanced knowledge of Cisco Internetwork Operating System (Cisco IOS®) or IOS XE and Cisco IOS XR Software configuration
Knowledge of IPv4 and IPv6 TCP/IP networking
Intermediate knowledge of BGP, OSPF, and ISIS routing protocols
Understanding of MPLS technologies
Understanding of multicast technologies
Familiarity with segment routing
Knowledge at the professional level equivalent to those learned in the following certifications:
Implementing and Administering Cisco Solutions (CCNA)
Understanding Cisco Service Provider Network Foundations (SPFNDU)
Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR)
Outline:
Implementing and Verifying Open Shortest Path First Multiarea Networks
Implementing and Verifying Intermediate System to Intermediate System Multilevel Networks
Introducing Routing Protocol Tools, Route Maps, and Routing Policy Language
Implementing Route Redistribution
Influencing Border Gateway Protocol Route Selection
Scaling BGP in Service Provider Networks
Securing BGP in Service Provider Networks
Improving BGP Convergence and Implementing Advanced Operations
Troubleshooting Routing Protocols
Implementing and Verifying MPLS
Implementing Cisco MPLS Traffic Engineering
Implementing Segment Routing
Describing Segment Routing Traffic Engineering (SR TE)
Deploying IPv6 Tunneling Mechanisms
Implementing IP Multicast Concepts and Technologies
Implementing PIM-SM Protocol
Implementing PIM-SM Enhancements
Implementing Interdomain IP Multicast
Implementing Distributed Rendezvous Point Solution in Multicast Network
SPVI - Implementing Cisco Service Provider VPN Services
Длительность: 5 дней (40 часов)
Код курса: SPVI
Стоимость обучения.
Очный формат: 753 000 ₸
Онлайн формат: 715 000 ₸
Записаться
Course Overview
The Implementing Cisco Service Provider VPN Services (SPVI) v1.0 course prepares you to manage end-customer Virtual Private Network (VPN) environments built over a common service provider Multiprotocol Label Switching (MPLS) backbone. You will complete hands-on labs to reinforce MPLS VPN fundamental concepts, benefits, and classification, MPLS components, MPLS control plane and data plane operations, MPLS VPN routing using Virtual Routing and Forwarding (VRF), Layer 2 and Layer 3 MPLS VPNs, IPv6 MPLS VPN implementations, IP Multicast VPNs, and shared services VPNs. The course also covers solutions for deploying MPLS VPN crossing multiple Service Provider domains that improve the use of network bandwidth.
This course prepares you for the 300-515 Implementing Cisco® Service Provider VPN Services (SPVI) exam. By passing this exam, you earn the Cisco Certified Specialist – Service Provider VPN Services Implementation certification, and you satisfy the concentration exam requirement for the CCNP® Service Provider certification.
What to expect in the exam
The 300-515 SPVI exam certifies your knowledge of implementing service provider VPN services including Layer 2, Layer 3, and IPv6. After you pass 300-515 SPVI, you earn the Cisco Certified Specialist – Service Provider VPN Services Implementation certification, and you satisfy the concentration exam requirement for the CCNP Service Provider certification.
Who should attend
This course is for network professionals who need to learn the techniques to implement, configure, monitor, and support Service Provider VPN solutions based on MPLS backbones.
Network administrators
Network engineers
Network supervisors
Network managers
Network Operations Center (NOC) personnel
Network designers
Network architects
Channel partners
Certifications
This course is part of the following Certifications:
Cisco Certified Network Professional Service Provider
Prerequisites
Before taking this course, you should have Service Provider knowledge at the professional level.
In the new certification program, foundational material is covered in these courses:
Implementing and Administering Cisco Solutions (CCNA)
Understanding Cisco Service Provider Network Foundations (SPFNDU)
Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR)
Course Objectives
This course will help you:
Gain valuable skills in reinforcing MPLS VPN fundamental concepts, benefits, and classifications
Learn to configure optional paths for traffic to avoid network congestion
Prepare to take the 300-515 SPVI exam
After taking this course, you should be able to:
Describe VPN concepts and operation in a Service Provider environment
Implement Layer 3 MPLS VPN operations in a Service Provider environment
Implement Layer 3 Inter-domain MPLS VPN services traversing multiple Service Providers
Implement Layer 3 Multicast MPLS VPN operations in a Service Provider environment
Troubleshoot typical issues in Layer 3 MPLS VPN environments
Implement Layer 2 VPN operations in a Service Provider environment
Troubleshoot Layer 2 VPN issues in a Service Provider network
Implement MPLS VPN solutions for IPv6 environments
Troubleshoot MPLS VPN solutions for IPv6 environments
Outline:
Introducing VPN Services
VPN Fundamentals
MPLS VPN Control Plane Operation
Troubleshooting MPLS VPN Underlay
Troubleshoot Core Interior Gateway Protocol (IGP)
Troubleshoot Border Gateway Protocol (BGP)
Implementing Layer 3 MPLS VPNs
Multiprotocol BGP (MP-BGP) Routing Requirements in MPLS VPNs
Provider Edge to Customer Edge (PE-to-CE) Routing Requirements in Layer 3 MPLS VPNs
Implementing Layer 3 Interdomain MPLS VPNs
Inter-Autonomous System (AS) for Layer 3 MPLS VPNs
Content Security and Control (CSC) for Layer 3 MPLS VPNs
Implementing Layer 3 Multicast MPLS VPNs
Multicast VPN (MVPN) Fundamentals
Implement Intranet MVPN
Troubleshooting Intra-AS Layer 3 VPNs
Troubleshoot PE-CE Connectivity
Troubleshoot PE-to-Route Reflector
Implementing Layer 2 VPNs
Layer 2 Service Architecture and Carrier Ethernet Services
Refresh on Traditional Ethernet LAN (E-LAN), E-Line, and E-Tree Solutions
Troubleshooting Layer 2 VPNs
Troubleshoot Common Issues for Traditional E-Line, E-LAN, and E-Tree Ethernet Solutions
Troubleshoot Common Issues for Ethernet VPN (EVPN) Native, EVPN Virtual Private Wire Service (VPWS), and EVPN Integrated Routing and Bridging (IRB) Solutions
Implementing Layer 3 IPv6 MPLS VPNs
Classical Solutions for Deploying IPv6 over IPv4 Environments
Using 6VPE to Deploy IPv6 Connectivity over MPLS Environment
Troubleshooting Layer 3 IPv6 MPLS VPNs
Troubleshooting PE-to-PE Connectivity
SEGRTE201 - Implementing Segment Routing on Cisco IOS XR
Длительность: 4 дня (32 часа)
Код курса: SEGRTE201
Стоимость обучения.
Очный формат: 1 590 000 ₸
Онлайн формат: 1 510 000 ₸
Записаться
Course Overview
The Implementing Segment Routing on Cisco IOS XR (SEGRTE201) v2.0 course covers the fundamental concepts of Segment Routing (SR), how to configure and verify segment routing within an Interior Gateway Protocol (IGP), and the interworking of Label Distribution Protocol (LDP) with segment routing. You will learn how to implement Topology-Independent Loop-Free Alternate (TI-LFA) using segment routing, and how to instantiate and verify segment routing traffic engineering policies. You will also learn how to implement segment routing within Border Gateway Protocol (BGP).
How you’ll benefit
This course will help you:
Learn how to configure and verify segment routing within an Interior Gateway Protocol (IGP)
Prepare to implement topology-independent loop-free alternate using segment routing
Learn to implement segment routing within Border Gateway Protocol
Who should attend
Systems engineers
Network engineers
Field engineers
Technical support personnel
Channel partners and resellers
Prerequisites
Before taking this course, you should have:
Familiarity with Cisco Internetwork Operating System (IOS®) XR software
Knowledge of general networking concepts
Course Objectives
After taking this course, you should be able to:
Describe the key concepts of segment routing
Implement and verify IGP segment routing
Migrate an existing Multiprotocol Label Switching (MPLS) LDP-based network to segment routing
Implement and verify TI-LFA segment routing
Instantiate segment routing policies
Instantiate multidomain segment routing policies
Configure and verify BGP prefix segments and SR-based services
Lab Topology
Configuring and Verifying IGP Segment Routing
Migrating from LDP to Segment Routing
Configuring and Verifying TI-LFA Fast Reroute
Configuring and Verifying SR Policies
Configuring and Verifying Multidomain SR-TE
Configuring and Verifying BGP Segment Routing
Outline:
Introduction to Segment Routing
IGP Segment Routing Implementation and Verification
Segment Routing and LDP Interworking
Topology Independent – Loop Free Alternate
Segment Routing Policies – Traffic Engineering (SR-TE)
Multidomain SR Policies
BGP Prefix Segment and Egress Peer Engineering
EPNM - Cisco SP Technologies and Management with EPNM
Длительность: 5 дней (40 часов)
Код курса: EPNM
Стоимость обучения.
Очный формат: 1 145 000 ₸
Онлайн формат: 1 088 000 ₸
Записаться
Содержание курса:
Module 1. The Concept of Service Provider Routing
1.1. SP Routing Overview
1.2. Link State IGP Routing
1.3. BGP Introduction
1.4. BGP Scalability
Module 2. Implementing MPLS L3 VPN
2.1. MPLS Overview
2.2. SP VPN Technology Overview
2.3. The concept of VRFs
2.4. Using MP-BGP between PEs
2.5. CE-PE Routing Using Different Protocols
2.6. Multipoint MPLS L3 VPN
Module 3. Implementing MPLS L2 VPN
3.1. Metro Ethernet Introduction
3.2. MPLS L2 Pseudowires
3.3. Virtual Private Lan Service.
3.4. VPLS BGP Auto-Discovery
3.5. MPLS EVPN
Module 4. Traffic Engineering
4.1. The Concept of Traffic Engineering
4.2. RSVP Based Traffic Engineering
4.3. Introduction to Segment Routing (SR)
4.4. SR and LDP Interworking
4.5. TI-LFA
4.6. Segment Routing Traffic Engineering (SR-TE)
Module 5. Cisco Evolved Packet Network Manager
5.1. Exploring Cisco EPN Manager
5.2. Viewing Devices and Inventory
5.3. Viewing Network Topologies and Circuits
5.4. Using Dashboards
5.5. Managing Alarms and Events
5.6. Generating Reports
5.7. Performing Basic Administration
5.8. Adding Devices
5.9. Backup and Restoring
5.10. Performing System Maintenance
5.11. Software Image Management (SWIM)
5.12. Configuration Management
5.13. Monitoring with Policies
5.14. Provisioning Carrier Ethernet Services
5.15. Provisioning Cisco MPLS Traffic Engineering Services
Labs
ASR9KE - Cisco Aggregation Services Router 9000 Series Essentials
Course Overview
The Cisco Aggregation Services Router 9000 Series Essentials v6.1 course introduces you to the features and functions of the Cisco® Aggregation Services Router (ASR) 9000 Series platforms. Through a combination of lecture and hands-on labs, you will gain an understanding of all major aspects of the platform, including hardware, Layer 2 and Layer 3 services, routing protocols including Segment Routing, Layer 2 and Layer 3 multicast, Quality of Service (QoS) features, and network virtualization. The course investigates Cisco Internetworking Operating System (IOS) XR 64-Bit Linux-based feature parity in the environment, as well as how to install Cisco IOS® XR 64-Bit software packages.
This course will help you:
Understand the essential features and functions of the ASR 9000 Series routers running Cisco IOS XR 64-Bit software
Practice Cisco IOS XR 64-Bit configurations on the ASR 9900 Series router in lab exercises
Configure Cisco ASR 9900 configuration changes and restore older versions of the configuration
Install the Cisco IOS XR 64-Bit Software operating system, Package Information Envelopes (PIEs), and Software Maintenance Updates (SMUs)
Understand data flow through the Cisco ASR 9000 and ASR 9900 Series router
Who should attend
This course is designed for technical professionals who need to know how to deploy Cisco ASR 9000 Series routers in their network environment. The primary audience for this course includes:
System engineers
Technical support personnel
Channel partners, resellers
Prerequisites
Before attending this course, you should have the following knowledge and skills:
Basic IOS XR 64-Bit Software configuration commands
Basic knowledge of router installation and some experience with installation tools
Routing protocol configuration experience with BGP, Intermediate System-to-Intermediate System (IS-IS), and Open Shortest Path First (OSPF)
Knowledge of Layer 2 IEEE switching and related protocols
Strong knowledge of MPLS configuration or multicast configuration experience
Experience troubleshooting Cisco routers in a large network environment
Course Objectives
After taking this course, you should be able to:
List and describe the major features and benefits of a Cisco ASR 9000 Series router
List and describe the major features and benefits of the Cisco 64-Bit IOS XR operating system
Understand data flow through the Cisco ASR 9000 Series router
Configure Cisco ASR 9000, back out of configuration changes, and restore older versions of the configuration
Install the Cisco IOS XR 64-Bit Software operating system, package information envelopes, and software maintenance updates
Enable multicast routing on a Cisco ASR 9900 Series router
Configure Layer 3 VPN services
Configure Ethernet link bundles
Configure local Ethernet Line (E-Line) Layer 2 VPN (L2VPN)
Configure Ethernet over Multiprotocol Label Switching (EoMPLS) E-Line L2VPN
Configure EoMPLS with pseudowire backup
Configure local Ethernet LAN (E-LAN) L2VPN
Describe Virtual Private LAN Service (VPLS) L2VPN
Describe VPLS with Border Gateway Protocol (BGP) autodiscovery
Configure service-based Connectivity Fault Management (CFM)
Configure Layer 2 multicast features
Describe basic QoS implementation
Describe how to configure and verify network Virtualization (nV) on the ASR 9000 series
Course Outline:
Cisco Aggregation Services Router 9000 Series Essentials (ASR9KE)
Cisco ASR 9000 Series Hardware
Cisco IOS XR 64-Bit Software Architecture and Linux Fundamentals
Cisco IOS XR 64-Bit Software Installation
Cisco IOS XR 64-Bit Software Configuration Basics
Cisco IOS XR 64-Bit Software Routing Protocols
Multicast Routing
Cisco Multiprotocol Label Switching
Cisco IOS XR 64-Bit Segment Routing
Layer 3 VPNs
Cisco ASR 9000 Layer 2 Architecture
Point-to-Point Layer 2 Services
Layer 2 Multicast
Quality of Service
Lab Topology
ASR 9904 Hardware Discovery Lab
Device Discovery and Initial Configuration
Installing Cisco IOS XR 64-Bit Software
Cisco IOS XR 64-Bit Software Operations
Configuring IS-IS Routing
Configuring OSPF Routing
Configuring Internal BGP (iBGP) Routing
IPv4 Multicast Configuration
Configuring Multiprotocol Label Switching
Configuring and Verifying IGP Segment Routing
Configuring Layer 3 Virtual Private Network
Local E-Line Service
EoMPLS Service
IOSXR100 - Introduction to Cisco IOS XR
Course Overview
The Introduction to Cisco IOS XR (IOSXR100) v2.1 course introduces you to the features and functions of the Cisco® Internetwork Operating System (Cisco IOS®) XR Software operating system. You learn the fundamental concepts on which the operating system is based and Cisco IOS XR basic operations, system administration, and troubleshooting. Through a combination of lecture and hands-on lab exercises, you gain an understanding of all major aspects of the operating system, including the architecture, high-availability components, scalability features, configuration basics, basic software operations, configuration file overview, Authentication, Authorization, and Accounting (AAA) services, Network Time Protocol (NTP) configuration, packet filtering, and management plane protection. You also learn how to monitor the Cisco IOS XR operating system, and how to work with error messages and core dumps.
This course will help you:
Prepare to deploy, implement, configure, operate, and maintain Cisco IOS XR routers
Gain hands-on practice using Cisco IOS XR software
Deepen your understanding of the Cisco IOS XR software architecture and capabilities
Who should attend
System installers
System integrators
System administrators
Network administrators
Solution designers
Prerequisites
Before taking this course, you should have the following knowledge and skills:
Experience working with Command-Line Interface (CLI)–based network devices
Knowledge of general routing concepts
Course Objectives
After taking this course, you should be able to:
Describe the Cisco IOS XR software architecture, high availability components, and scalability features
Perform basic configurations on a Cisco IOS XR router
Describe Cisco IOS XR software operations
Describe the configuration file system
Perform Cisco IOS XR software installations
Configure AAA services
Configure NTP
Configure Simple Network Management Protocol (SNMP), telemetry, and logging
Configure routing protocols
Monitor processes
Use error messages and core dumps
Course Outline:
Cisco IOS XR Software Overview
Platform Overview
Cisco IOS XR Architecture
Cisco IOS XR High Availability
Cisco IOS XR Software Configuration Basics
Cisco IOS XR Configuration Operations
Cisco IOS XR Initial Configuration
Reviewing the Configuration
Cisco IOS XR Software Operations
Examining Configuration Operations
Examining Configuration Rollback and Recovery
Configuration File System Overview
Examining the Binary Configuration
Examining the Commit Database
Examining the ASCII Configuration
Examining the Nonvolatile Generation (NVgen) Files
Verifying Cisco Fabric Services (CFS) Integrity
Cisco IOS XR Software Installation
Software Package Basics
Installing Software Packages
AAA Security
AAA Fundamentals
Task-Based Security
Configuring a User Security Policy
Authentication with Remote Servers
Configuring Router to AAA Server Communication
Configuring Authentication
Terminal Access Controller Access-Control System Plus (TACACS+) Command Authorization
Configuring Accounting
AAA Troubleshooting
Network Time Synchronization
Network Time Protocol
SNMP, Telemetry, and Logging
Examining SNMP
Examining Telemetry
Examining Logging
Basic Routing Configuration
Configuring Intermediate System to Intermediate System (IS-IS)
Configuring Open Shortest Path First (OSPF)
Configuring Border Gateway Protocol (BGP)
Configuring Routing Protocol for LLN (RPL) Policy
Packet Filtering
Access Control Lists
Unicast Reverse Path Forwarding
Management Plane Protection
Monitoring Process
Examining Processes and Threads
Process Crashes
Commands for Debugging Processes
Restartability of Processes
Process Monitoring
Identifying Memory Problems
Memory Depletion
Core Dumps
Core Dump Fundamentals
Using Core Dump Information
NSO201 - NSO Essentials for Programmers and Network Architects v4.0
Course Overview
The NSO Essentials for Programmers and Network Architects (NSO201) training introduces you to Cisco Network Services Orchestrator (NSO). You will learn to install Cisco NSO and use it to manage devices and create services based on YANG templates with XPath. This training provides an overview of NSO as a network automation solution as well as introducing you to NETCONF, YANG, and XPath. You will learn about managing devices and creating device templates, service management and service package creation, network element drivers, interfacing with other systems using APIs, configuring and troubleshooting system settings, managing alarms and reporting, configuring NSO for scalability and performance, and capabilities that can be added to Cisco NSO.
How You’ll Benefit
This course will help you:
Learn to install Cisco Network Services Orchestrator (NSO)
Practice configuring devices with NSO
Practice designing and managing services with YANG models
Gain confidence with NSO configuration
Who should attend
System installers
System integrators
System administrators
Network administrators
Solutions designers
Prerequisites
Cisco require students to have the following knowledge and skills:
Basic knowledge of the Cisco Command-Line Interface (CLI) or the CLI of UNIX-like operating systems
Working knowledge of UNIX-based operating systems and basic tasks
Basic knowledge of programming constructs
Basic knowledge of YANG data modeling
Basic knowledge of the NETCONF communication protocol
Knowledge of XML data structures and schemas
Basic management of network components (routers, switches, etc.)
The following Cisco courses can help you gain the necessary background
Programming for Network Engineers (PRNE)
Introducing Automation for Cisco Solutions (CSAU)
Course Objectives
Explain the transactional service activation and how it relates to business requirements
Explain how Cisco NSO communicates with network devices
Understand the NETCONF protocol and be able to read and write simple YANG models
Understand the difference between devices that are fully NETCONF capable and those that are less or not NETCONF capable
Understand the support for candidate configuration and confirmed commit support
Use logs to troubleshoot the Cisco NSO deployment and check NSO communication with network devices
Explain the YANG service model structure
Design a real-world usable service
Explain the mapping logic of service parameters to device models and consequently to device configurations
Describe the use of different integration options and APIs
Explain how to implement action with use of config-templates in NSO package
Explain the use of Reactive FASTMAP in for manipulating and implementing advanced NFV components
Describe the use of feature components and function packs
Define and explain the ETSI MANO principles and solution
Work with the alarm console, and understand the NSO alarm structure and how it conforms to modern network operations procedures
Describe Cisco NSO 5.3 new features and changes in NSO
Course Outline:
Cisco Network Service Orchestrator (NSO) Essentials for Programmers and Network Architects (v4.0) (NSO201)
Introducing Service Orchestration with Cisco NSO
Exploring Cisco NSO Architecture
Orchestrating Network Solutions
Describing Cisco NSO Operation
Installing Cisco NSO
Exploring the Advantages of NETCONF
Managing Devices Using the Device Manager
Creating YANG Models
Using Services
Implementing Services with Model-to-Model Mapping
Designing Services in Cisco NSO
Managing the Service Lifecycle
Programming with Python in Cisco NSO
Configuring and Troubleshooting System Settings
Discovering Cisco NSO Northbound APIs
Managing Alarms and Reporting
Configuring Cisco NSO for Scalability and Performance
Describing Cisco NSO VNF Manager and Function Packs
Lab Topology
Install Cisco NSO
Use Device Manager
Create a Device Template
Create a Loopback Template Service
Create a VLAN Template Service
Create an L3VPN Template Service
Migrate a CDM Device
Set Up a Device Using Python Scripts
Create an SVI Python Template Service
Use NSO RESTCONF API with Postman
NSO300 - NSO Advanced for Python Programmers
Course Overview
The Cisco Network Services Orchestrator (NSO) Advanced for Python Programmers (NSO300) v4.0 course continues the learning journey of the NSO Essentials for Programmers and Network Architects (NSO201) v4.0 course with NSO to include customizing templates with Python programming, Docker deployment, and Nano services. You will learn to create advanced services using the NSO application framework and Python scripting with both new and existing Layer 3 Multiprotocol Label Switching (MPLS) VPN services. You will also learn how to manage and scale these services to reduce operation consumption, and increase both security and available physical space, since Virtualized Network Functions (VNFs) replace physical hardware. You will use Network Functions Virtualization (NFV) orchestration features, and Cisco Elastic Services Controller (ESC) to manage virtualized network functions.
This course will help you:
Tailor a Cisco Network Services Orchestrator solution for your organization
Manage virtualized network functions (VNFs) automated, efficient, and dynamic network functioning
Who should attend
System engineers
System integrators
System programmers
System administrators
Network administrators
Solutions designers
Prerequisites
Before you take this course, Cisco recommends that you have the knowledge and skills obtainable by attending the Cisco Network Service Orchestrator (NSO) Essentials for Programmers and Network Architects (v4.0) (NSO201) class, plus have knowledge in the following areas:
Basic knowledge of the command line of UNIX-like operating systems
Basic knowledge of Network Configuration Protocol (NETCONF)
Basic knowledge of Yet Another Next Generation (YANG) data modelling
Basic knowledge of Python software development
Course Objectives
Describe the NSO application framework
Deploy NSO in Docker
Implement Python- and template-based service
Describe service lifecycle integration
Describe the implementation of Layer 3 MPLS VPN service for a new service deployment
Implement Nano services
Describe the implementation of Layer 3 MPLS VPN service for an existing deployment
Describe managed services
Implement stacked services
Describe how to scale service orchestration
Describe the European Telecommunications Standards Institute Management and Orchestration (ETSI MANO) Framework
Manage VNF Lifecycle with Cisco ESC
Implement NFV
Course Outline:
Discovering the NSO Application Framework
NSO Transaction Model and Mapping Options
NSO Python API Overview
Deploying NSO in Docker Containers
Comparing NSO Deployments
NSO in Docker Overview
Developing Python and Template-Based Service
Service Strategy
Service Design—Service Model
Integrating Service Lifecycle
Service Lifecycle Overview
Integration Options Overview
Developing a Layer 3 MPLS VPN Service for New Service Deployment
Service Strategy
Service Design—Service Model
Developing Nano Services
Nano Services
Service Design Manual Resource Allocation
Developing Layer 3 MPLS VPN Service for Existing Deployment
Existing Service Deployment Strategy
Existing Service Deployment Design
Introducing Managed Services
Managed Services Overview
Resource Allocation
Implementing Stacked Services
Stacked Services Strategy
Implementing Resource-Facing Services
Scaling Service Orchestration
Optimization Options
Layered Services Architecture Design
Discovering the ETSI MANO Framework
Network Functions Virtualization Initiative
ETSI MANO
Managing VNF Lifecycle with Cisco ESC
Introduction to Cisco ESC
VNF Lifecycle Management
Orchestrating NFV
NFV Orchestration (NFVO) Bundle Introduction
VNF Descriptor
Lab Topology
Create NSO Docker Environments
Create Switch Virtual Interface (SVI) Service Using Premodification Service Callback
Implement Nano Services
Create an L3VPN Service Using Dynamic ID Allocation
Perform an L3VPN Service Upgrade
Implement Stacked Services
Deploy Link State Advertisement (LSA) Service
Integrate Cisco ESC and OpenStack
Deploy NFV for Demilitarized Zone [[OK?]](DMZ) Service
Implement Self-Test Action
NSO303 Cisco NSO Administration and DevOps
Course Overview
The Cisco Network Services Orchestrator (NSO) Administration and DevOps (NSO303) v4.0 course continues the learning journey of the NSO Essentials for Programmers and Network Architects (NSO201) v4.0 and NSO Advanced for Python Programmers (NSO300) v4.0 courses by introducing you to the system administration and DevOps focusing on NSO; the robust bridge linking network automation and orchestration tools, examining the development, operation, and administration task functions. You will learn how to set up, configure, deploy, and maintain a Cisco Network Services Orchestrator solution, and learn best practices for using DevOps. The examples shown in this course demonstrate real-world scenarios to prepare you for deployment and management of new or existing NSO instances. The course guides you through the setup of a production ready NSO instances using system installation with access control settings, the deployment of NSO in Docker containers, and introduces modern DevOps concepts and tools such as Git and Continuous Delivery/Continuous Deployment (CI/CD). You will learn how to migrate CDM devices, how to build NETCONF NEDs from the NSO CLI, how to handle NSO Alarms, and many more features that benefit you in your journey with Cisco NSO.
This course will help you:
Install, configure, and maintain a Cisco Network Services Orchestrator solution
Apply DevOps best practices for Cisco NSO development, operations, and administrative tasks
Implement Layered Service Architecture (LSA) within a Cisco NSO solution
Course Content
Cisco NSO Administration
Scalability
DevOps Fundamentals
Cisco NSO Operations
Who should attend
DevOps engineers
Integration engineers
Network and software architects
Network engineers
Software engineers
System administrators
Prerequisites
Before you take this course, we recommend that you have the knowledge and skills obtainable by attending the Cisco Network Service Orchestrator (NSO) Essentials for Programmers and Network Architects (v4.0) (NSO201) class, including:
Basic knowledge of the Cisco Command-Line Interface (CLI)
Basic knowledge of the CLI of UNIX-like operating systems
Basic knowledge of Yet Another Next Generation (YANG) data modelling
Basic knowledge of Python software development
Course Objectives
After completing this course, you should be able to:
Describe network and IT convergence
Describe Cisco NSO architecture
Describe Linux
Configure Cisco NSO
Set up access control to Cisco NSO system
Describe Cisco NSO Integration Options
Explain version control systems and basic git concepts
Describe the purpose of continuous integration and continuous delivery
Implement Cisco NSO high availability
Describe scalable system management
Describe software development methodologies
Describe service maintenance
Perform NED upgrades
Use Cisco NSO for managing services and their associated device configurations
Describe Cisco NSO change management
Explain service problem management
Use Cisco NSO for service monitoring and compliance reporting
Describe Cisco NSO inventory management
Describe Cisco NSO use cases
Course Outline:
Cisco NSO Administration and DevOps (NSO303)
Introducing Network and IT Convergence
Introducing Cisco NSO Architecture
Introducing Linux
Explaining Cisco NSO Setup
Exploring Access Control
Describing Integration Options
Explaining Version Control System
Describing Continuous Integration and Continuous Delivery
Introducing Scalability and High Availability
Describing Scalable System Management
Describing Software Development Methodologies
Introducing Service Maintenance
Performing Network Element Driver (NED) Upgrades
Introducing Configuration Management
Describing Change Management
Explaining Service Problem Management
Explaining Service Monitoring and Compliance Reporting
Introducing Inventory Management
Describing Cisco NSO Use Cases
Lab Topology
Perform NSO System Install
Implement Role-Based Access and PAM
Using Cisco NSO APIs
Learn to work with Git
Use NSO in Docker
Configure High Availability
Migrating a Monolithic Service to LSA
Deploying the LSA Services
Use the Network Connectivity Tool (NCT)
Perform Service Backup and Restore
Migrate a CDM Device
Build a NETCONF NED
Replacing a Device
Troubleshoot NSO Alarms and Services
Creating a Compliance Report
OPT201 - Cisco NCS 2000 Deploying 96-Channel Flex Spectrum
Course Overview
The Cisco NCS2000 Deploying 96-Channel Flex Spectrum (OPT201) v3.0 course shows you how to plan, configure, and control optical networks using the Cisco® Network Convergence System (NCS) 2000 series Flex Spectrum platform.
The course teaches you how to design Flex Spectrum networks with multi-degree Reconfigurable Optical Add-Drop Multiplexer (ROADM) multi-shelf nodes using the Cisco Transport Planner (CTP) software.
You’ll learn how to:
Install the Cisco NCS 2000 series hardware
Configure an optical network and circuits using the Cisco Transport Controller (CTC) software
Learn which components and configurations take advantage of and/or are required for the Flex Spectrum 96-channel feature
Configure optical networks with multidegree ROADM multishelf nodes
Configure optical networks with colorless, contentionless, omnidirectional, and MPO cross-connect advanced features
Describe and configure the NCS 2000 400-Gbps Xponder line card
How you’ll benefit
This class will help you:
Gain an in-depth understanding of how to install, deploy, and maintain a Cisco Optical Networking Services (ONS) 15454 Multiple Spanning Tree Protocol (MSTP) network
Practice what you learn through hands-on labs
Who should attend
This course is designed for technical professionals who need to know how to deploy a Cisco NCS 2000 Series Dense Wavelength-Division Multiplexing (DWDM) network with Flex Spectrum.
The primary audience for this course includes:
Designers
Systems engineers and implementation staff
Network operations center personnel
Technical support personnel who are involved with the deployment, operations, and maintenance of the Cisco NCS 2000 Series
Channel partners and resellers
Prerequisites
To fully benefit from this course, you should first complete the Cisco Fundamentals of Fiber Optics Technology (FFOT) video training course, or have an equivalent level of knowledge and skills.
Course Objectives
After taking this course, you should be able to:
Describe the hardware and components required and used with the Flex Spectrum feature
Design optical networks in the Cisco Transport Planner software
Install the hardware, including multishelf nodes
Perform node turn-up and create circuits using the Cisco Transport Controller software
Configure optical networks with multidegree ROADM multishelf nodes
Configure optical networks with colorless, contentionless, omnidirectional, and MPO cross-connect advanced features
Describe and configure the NCS 2000 400-Gbps Xponder line card
Add a node to an existing DWDM ring
Describe the NCS 2000 Troubleshooting Guide
Use the features and documentation with Transport Controller to perform maintenance, testing, and basic troubleshooting
Course Outline:
Cisco NCS 2000 Series Deploying 96-Channel Flex Spectrum (OPT201)
DWDM and Flex Spectrum Foundation
NCS 2000 Chassis and Cards
Design ROADM Networks with CTP
Hardware Installation and Multishelf
Node Turn-Up and Circuit Creation
Advanced Feature Networks and Circuits
Testing, Maintenance, and Basic Troubleshooting
Spectrum Switched Optical Network
Lab Topology
Cisco Transport Controller
Cisco Transport Planner
Adding a Node to Existing DWDM Ring Network
Optical Channel Network Connection (OCHNC) Circuits
Optical Channel Client Connection (OCHCC) Circuits
Colorless Ports and Circuits
Contentionless Circuits
Connection Verification
Performing the Optical Time Domain Reflectometer (OTDR) Test
Maintenance and Performance Monitoring
MSTP Troubleshooting
Configuring the 400XP card
PRNE - Programming for Network Engineers
Course Overview
The Programming for Network Engineers (PRNE) v2.0 course is designed to equip you with fundamental skills in Python programming. Through a combination of lectures and lab experience in simulated network environments, you will learn to use Python basics to create useful and practical scripts with Netmiko to retrieve data and configure network devices. Upon completion of this course, you should have a basic understanding of Python, including the knowledge to create, apply, and troubleshoot simple network automation scripts.
This course will help you:
Explain the need for network engineers to learn how to program
Explain how programming relates to the journey into network automation and programmability
Create useful and practical scripts to retrieve data and configure network devices
Create, apply, and troubleshoot simple network automation scripts
Gain hands-on experience with Python programming
Who should attend
This course is intended for:
Network administrators
Network engineers with little or no programming or Python experience
Network managers
Systems engineers
Prerequisites
Before taking this course, you should have:
Familiarity with Cisco IOS®-XE software or other Cisco network device configuration and operation skills
Basic network management knowledge
Cisco CCNA® certification or equivalent knowledge
The following Cisco courses can help you gain the knowledge you need to prepare for this course:
Implementing and Administering Cisco Solutions (CCNA)
Course Objectives
After taking this course, you should be able to:
Create a Python script
Describe data types commonly used in Python coding
Describe Python strings and their use cases
Describe Python loops, conditionals, operators, and their purposes and use cases
Describe Python classes, methods, functions, namespaces, and scopes
Describe the options for Python data manipulation and storage
Describe Python modules and packages, their uses, and their benefits
Explain how to manipulate user input in Python
Describe error and exception management in Python
Describe Python code debugging methods
Course Outline:
Programming for Network Engineers (PRNE)
Introducing Programmability and Python for Network Engineers
Scripting with Python
Examining Python Data Types
Manipulating Strings
Describing Conditionals, Loops, and Operators
Exploring Classes, Methods, Functions, Namespaces, and Scopes
Exploring Data Storage Options
Exploring Python Modules and Packages
Gathering and Validating User Input
Analyzing Exceptions and Error Management
Examining Debugging Methods
Course Summary
Lab Topology
Execute Your First Python Program
Use the Python Interactive Shell
Explore Foundation Python Data Types
Explore Complex Python Data Types
Use Standard String Operations
Use Basic Pattern Matching
Reformat MAC Addresses
Use the if-else Construct
Use for Loops
Use while Loops
Create and Use Functions
Create and Use Classes
Use the Python main() Construct
Traverse the File Structure
Read Data in Comma-Separated Values (CSV) Format
Read, Store, and Retrieve Data in XML Format
Read, Store, and Retrieve Date in JavaScript Object Notation (JSON) Format
Read, Store, and Retrieve Data in a Raw or Unstructured Format
Import Modules from the Python Standard Library
Import External Libraries
Create a Python Module
Prompt the User for Input
Use Command-Line Arguments
Manage Exceptions with the try-except Structure
Manage Exceptions with the try-except-finally Structure
Use Assertions
Use Simple Debugging Methods
Use the Python Debugger
Code a Practical Debugging Script
SPMBL100 - Cisco Service Provider 5G Technologies Foundations
Course Overview
The Cisco Service Provider 5G Technologies Foundations (SPMBL100) v1.0 course introduces mobile network components, basic 5G concepts, and features of 5G technology including faster data speeds, higher device capacity, and improved user experience. You will examine the mobile packet core solutions, 5G transport architecture, and Cisco® automation and orchestration tools used in 5G networks. You will also learn about the Cisco 5G Non-standalone (NSA) and the Cisco Ultra Cloud Core 5G standalone (SA) platform solutions, the Cisco 5G converged Software-Defined Networking (SDN) transport architecture, and Cisco edge computing solutions. You will study the Cisco Network Function Virtualization (NFVI) architecture, Cisco Network Services Orchestrator (NSO), and Cisco Elastic Services Controller (ESC). You will learn how 5G is distributed with Telco Data Center (DC) with Cisco Application Centric Infrastructure (Cisco ACI®). And finally, Zero-Touch Provisioning (ZTP), Cisco Crosswork™, and the Cisco 5G security architecture will also be presented.
How you’ll benefit
This course will help you:
Use the higher data speeds of 5G to access data more quickly and accommodate every device with increased capacity
Learn how 5G technology delivers lower latency, higher device capacity, and a more uniform user experience
Who should attend
Customer support engineers
Field engineers
Network engineers
Network consulting engineers
Prerequisites
Before enrolling in this course, you should have knowledge in the following areas:
Knowledge of general networking concepts
Experience working with command-line interface (CLI)-based network devices
Basic understanding of Multiprotocol Label Switching (MPLS)
Familiarity with service provider architectures
The following Cisco course may help you meet these prerequisites:
Implementing and Administering Cisco Solutions (CCNA)
Understanding Cisco Service Provider Network Foundations (SPFNDU)
Course Objectives
After taking this course, you should be able to:
Describe mobile network architecture basics
List enabling technologies for 5G and describe 5G key use cases
Perform basic operations on a Cisco 5G NSA mobile packet core
Describe the Cisco 5G Converged SDN Transport Architecture
Describe Cisco NFVI and perform basic operations using Cisco ESC and Cisco Virtualized Infrastructure Manager (VIM)
Describe Cisco service provider automation and orchestration solutions to deploy and manage 5G network functions
Describe the Cisco Ultra Cloud Core architecture and deploy the Cisco SMI
Explain the 5G ready distributed Telco DC with Cisco ACI solution
Describe the Cisco 5G security architecture
Course Outline:
Mobile Network Fundamentals
5G Key Use Cases
Examining Mobile Network Components
Enabling Technologies for 5G
Introduction to 5G NR Characteristics
Cloud Radio Access network (RAN)
Cisco 5G NSA Solution
5G NSA Basics
5G NSA StarOS Configurations
Cisco 5G Converged SDN Transport Architecture
Cisco 5G Transport Ready Devices
Application Awareness and Network Slicing with Segment Routing
Cisco NFV Infrastructure, Cisco Virtualized Network Functions (VNFs), Cisco VIM, and Cisco ESC
NFVI and SDN Architecture Overview
Cisco VIM Pod Configurations
Cisco Service Provider Automation and Orchestration
Telemetry Basics
ZTP Fundamentals
Cisco Ultra Cloud Core
Cisco Ultra Cloud Core Basics
Kubernetes and Docker Fundamentals
5G Ready Distributed DC with Cisco ACI
Cisco ACI in Telco Data Centers
5GC Deployment
Mitigating Threats in 5G
Introduction to 5G Cybersecurity Risks
Mitigating 5G Cybersecurity Risks
SPWAE - Operating and Implementing Cisco WAN Automation Engine
Course Overview
The Operating and Implementing Cisco WAN Automation Engine (SPWAE) v1.0 course teaches you, through a combination of lectures and labs, how to install the Cisco® WAN Automation Engine (WAE), builds your confidence with Cisco WAE configuration and basic troubleshooting, and enables you to practice designing and managing bandwidth and traffic engineering.
Who should attend
This course is designed for:
System installers
System integrators
System administrators
Network administrators
Solutions designers
Prerequisites
Before enrolling in this course, you should have the following knowledge and skills:
Knowledge of general networking and routing concepts
Basic knowledge of routing protocols: Open Shortest Path First (OSPF), Intermediate System-to-Intermediate System (IS-IS), Border Gateway Protocol (BGP)
Understanding of Cisco Multiprotocol Label Switching Traffic Engineering (MPLS TE) technologies
Understanding of Segment Routing Traffic Engineering (SR-TE) technologies
Basic knowledge of Linux server operation and Linux tools
Basic understanding of network automation and Software-Defined Networking (SDN) concepts
These are the recommended Cisco offerings that may help you meet these prerequisites:
Implementing and Administering Cisco Solutions (CCNA)
Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR)
Implementing Segment Routing on Cisco IOS XR (SEGRTE201)
Course Objectives
This course will help you:
Learn to install Cisco WAN Automation Engine
Gain confidence with Cisco WAE configuration and basic troubleshooting
Practice designing and managing bandwidth and traffic engineering
After taking this course, you should be able to:
Explain WAE basics, the purpose of WAE, and its capabilities
Understand the Cisco WAE solution implementation
Describe the network module configuration process
Describe WAE Design software tools, demands creation, BGP modeling, and Failure and Simulation analysis
Describe Cisco WAE Design traffic engineering and QoS modeling
Explain how to use API with WAE Design and WAE Server
Describe the function, components, and processes of Cisco WAE Live
Course Outline:
Operating and Implementing Cisco WAN Automation Engine (SPWAE)
WAE Solution and Architecture Overview
Implementing a Cisco WAE Solution
Network Model Configuration
WAE Design Fundamentals
Cisco WAE Design Traffic Engineering and Optimization
Introducing Cisco WAE API
Cisco WAE Live Deployment
Lab Topology
Start with Cisco WAE
Cisco WAE Server Setup and Collector Configuration
Get Started with Cisco WAE Design
Describe Traffic with Demands
Failures and Simulation Analysis
Engineer Traffic Using Metrics and SR-TE
Cisco WAE Design Remote Procedure Call (RPC) API
Configure Cisco WAE Live
Cisco Security
SISE - Implementing and Configuring Cisco Identity Services Engine
Длительность: 5 дней (40 часов)
Код курса: SISE
Стоимость обучения.
Очный формат: 860 000 ₸
Онлайн формат: 817 000 ₸
Записаться
Course Overview
The Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 course teaches you to deploy and use Cisco® Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and apply Cisco ISE capabilities to support use cases for Zero Trust security posture. These use cases include tasks such as policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and Terminal Access Controller Access Control Server (TACACS+) device administration. Through hands-on practice via lab exercises, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency. This course helps you prepare to take the Implementing and Configuring Cisco Identity Services Engine (300-715 SISE) exam, which leads to CCNP® Security and the Cisco Certified Specialist – Security Identity Management Implementation certifications. This course also earns you 40 Continuing Education (CE) credits toward recertification
How You’ll Benefit
This class will help you use Cisco ISE to:
Develop and implement SASE architecture
Understand application of ISE capabilities towards development of a Zero Trust approach
Enable BYOD and guest access
Centrally configure and manage posture, authentication, and authorization services in a single webbased GUI console
Gain leading-edge career skills for high-demand job roles and responsibilities focused on enterprise security
Earn 40 CE credits toward recertification
Who should attend
Network security engineers
Network security architects
ISE administrators
Senior Security Operations Center (SOC) personnel responsible for Incidence Response
Cisco integrators and partners
Certifications
This course is part of the following Certifications:
Cisco Certified Network Professional Security
Prerequisites
To fully benefit from this course, you should have the following knowledge:
Familiarity with the Cisco IOS® Software Command-Line Interface (CLI) for wired and wireless devices
Familiarity with Cisco AnyConnect® Secure Mobility Client
Familiarity with Microsoft Windows operating systems
Familiarity with 802.1X
Course Objectives
After taking this course, you should be able to:
Describe the Cisco Identity Services Engine (ISE)
Explain Cisco ISE deployment
Describe Cisco ISE policy enforcement components
Describe Cisco ISE policy configuration
Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support
Configure guest access
Configure hotspots and guest portals
Describe the Cisco ISE profiler services
Describe profiling best practices and reporting
Configure a Cisco ISE BYOD solution
Configure endpoint compliance
Configure client posture services
Configure Cisco ISE device administration
Describe Cisco ISE TrustSec configurations
Outline: Implementing and Configuring Cisco Identity Services Engine (SISE)
Introducing Cisco ISE Architecture
Introducing Cisco ISE Deployment
Introducing Cisco ISE Policy Enforcement Components
Introducing Cisco ISE Policy Configuration
Troubleshooting Cisco ISE Policy and Third-Party NAD Support
Introducing Web Authentication and Guest Services
Configuring Hotspots and Guest Portals
Introducing the Cisco ISE Profiler
Introducing Profiling Best Practices and Reporting
Configuring Cisco ISE BYOD
Introducing Cisco ISE Endpoint Compliance Services
Configuring Client Posture Services and Compliance
Working With Network Access Devices
Exploring Cisco TrustSec
Lab Topology
Configure Initial Cisco ISE Setup and System Certificate Usage
Integrate Cisco ISE with Active Directory
Configure Cisco ISE Policy for MAC Authentication Bypass (MAB)
Configure Cisco ISE Policy for 802.1X
Configure Guest Access
Configure Hotspot and Self-Registered Guest Access
Configure Sponsor-Approved and Fully Sponsored Guest Access
Create Guest Reports
Configure Profiling
Customize the Cisco ISE Profiling Configuration
Create Cisco ISE Profiling Reports
Configure BYOD
Manage a Lost or Stolen BYOD Device
Configure Cisco ISE Compliance Services
Configure Client Provisioning
Configure Posture Policies
Test and Monitor Compliance-Based Access
Configure Cisco ISE for Basic Device Administration
Configure Cisco ISE Command Authorization
Configure Cisco TrustSec
SWSA - Securing the Web with Cisco Web Security Appliance v3.0
Длительность: 2 дня (16 часов)
Код курса: SWSA
Стоимость обучения.
Очный формат: 520 000 ₸
Онлайн формат: 494 000 ₸
Записаться
Длительность обучения:
Instructor-led training: 2 days in the classroom with hands-on lab practice
Virtual instructor-led training: 2 days of web-based classes with hands-on lab practice
E-learning: Equivalent of 2 days of instruction with videos, practice, and challenges
Кому следует посетить:
Security architects
System designers
Network administrators
Operations engineers
Network managers, network or security technicians, and security engineers and managers responsible for web security
Cisco integrators and partners
Предварительные требования:
To fully benefit from this course, you should have knowledge of these topics:
TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
IP routing
You are expected to have one or more of the following basic technical competencies or equivalent knowledge:
Cisco certification (CCENT certification or higher)
Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC-Council), Global Information Assurance Certification (GIAC), ISACA]
Cisco Networking Academy letter of completion (CCNA 1 and CCNA 2)
Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)
Программа курса:
After taking this course, you should be able to:
Describe Cisco WSA
Deploy proxy services
Utilize authentication
Describe decryption policies to control HTTPS traffic
Understand differentiated traffic access policies and identification profiles
Enforce acceptable use control settings
Defend against malware
Describe data security and data loss prevention
Perform administration and troubleshooting
Дополнительно:
This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos
SESA - Securing Email with Cisco Email Security Appliance v3.0
Длительность: 3 дня (24 часа)
Код курса: SESA
Стоимость обучения.
Очный формат: 838 000 ₸
Онлайн формат: 796 000 ₸
Записаться
Длительность обучения:
Instructor-led training: 3 days in the classroom with hands-on lab practice
Virtual instructor-led training: 3 days of web-based classes with hands-on lab practice
E-learning: Equivalent of 3 days of instruction with hands-on lab practice, videos, and challenges
Кому следует посетить:
Security engineers
Security administrators
Security architects
Operations engineers
Network engineers
Network administrators
Network or security technicians
Network managers
System designers
Cisco integrators and partners
Предварительные требования:
To fully benefit from this course, you should have one or more of the following basic technical competencies:
Cisco certification (Cisco CCENT® certification or higher)
Relevant industry certification, such as (ISC)2, CompTIA Security+, EC-Council, Global Information
Assurance Certification (GIAC), and ISACA
Cisco Networking Academy letter of completion (CCNA® 1 and CCNA 2)
Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA),
Microsoft Certified Systems Engineer (MCSE)], CompTIA (A+, Network+, Server+)
The knowledge and skills that a student must have before attending this course are:
TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network
Management Protocol (SNMP), HTTP, and HTTPS
Experience with IP routing
Программа курса:
After taking this course, you should be able to:
Describe and administer the Cisco Email Security Appliance (ESA)
Control sender and recipient domains
Control spam with Talos SenderBase and anti-spam
Use anti-virus and outbreak filters
Use mail policies
Use content filters
Use message filters to enforce email policies
Prevent data loss
Perform LDAP queries
Authenticate Simple Mail Transfer Protocol (SMTP) sessions
Authenticate email
Encrypt email
Use system quarantines and delivery methods
Perform centralized management using clusters
Test and troubleshoot
Дополнительно:
This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos
SCOR - Implementing and Operating Cisco Security Core Technologies
Длительность: 5 дней (40 часов)
Код курса: SCOR
Стоимость обучения.
Очный формат: 942 000 ₸
Онлайн формат: 895 000 ₸
Записаться
Course Overview
The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco® CCNP® Security and CCIE® Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility and enforcements. You will get extensive hands-on experience deploying Cisco Firepower Next-Generation Firewall and Cisco ASA Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch Enterprise and Cisco Stealthwatch Cloud threat detection features.
This course, including the self-paced material, helps prepare you to take the exam, Implementing and Operating Cisco Security Core Technologies (350-701 SCOR), which leads to the new CCNP Security, CCIE Security, and the Cisco Certified Specialist – Security Core certifications.
Course Content
Describing Information Security Concepts*
Describing Common TCP/IP Attacks*
Describing Common Network Application Attacks*
Describing Common Endpoint Attacks*
Describing Network Security Technologies
Deploying Cisco ASA Firewall
Deploying Cisco Firepower Next-Generation Firewall
Deploying Email Content Security
Deploying Web Content Security
Deploying Cisco Umbrella*
Explaining VPN Technologies and Cryptography
Introducing Cisco Secure Site-to-Site VPN Solutions
Deploying Cisco IOS VTI-Based Point-to-Point
Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW
Introducing Cisco Secure Remote Access VPN Solutions
Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW
Explaining Cisco Secure Network Access Solutions
Describing 802.1X Authentication
Configuring 802.1X Authentication
Describing Endpoint Security Technologies*
Deploying Cisco AMP for Endpoints*
Introducing Network Infrastructure Protection*
Deploying Control Plane Security Controls*
Deploying Layer 2 Data Plane Security Controls*
Deploying Layer 3 Data Plane Security Controls*
Deploying Management Plane Security Controls*
Deploying Traffic Telemetry Methods*
Deploying Cisco Stealthwatch Enterprise*
Describing Cloud and Common Cloud Attacks*
Securing the Cloud*
Deploying Cisco Stealthwatch Cloud*
Describing Software-Defined Networking (SDN*)
* This section is self-study material that can be done at your own pace if you are taking the instructor-led version of this course.
Who should attend
Security Engineer
Network Engineer
Network Designer
Network Administrator
Systems Engineer
Consulting Systems Engineer
Technical Solutions Architect
Cisco Integrators/Partners
Network Manager
Cisco integrators and partners
Certifications
This course is part of the following Certifications:
Cisco Certified Networkn Professional Security
Prerequisites
To fully benefit from this course, you should have the following knowledge and skills:
Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course
Familiarity with Ethernet and TCP/IP networking
Working knowledge of the Windows operating system
Working knowledge of Cisco IOS networking and concepts
Familiarity with basics of networking security concepts
Course Objectives
After taking this course, you should be able to:
Describe information security concepts and strategies within the network
Describe common TCP/IP, network application, and endpoint attacks
Describe how various network security technologies work together to guard against attacks
Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall
Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance
Describe and implement web content security features and functions provided by Cisco Web Security Appliance
Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console
Introduce VPNs and describe cryptography solutions and algorithms
Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco IOS VTI-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco FirePower NGFW
Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and EAP authentication
Provide basic understanding of endpoint security and describe AMP for Endpoints architecture and basic features
Examine various defenses on Cisco devices that protect the control and management plane
Configure and verify Cisco IOS Software Layer 2 and Layer 3 Data Plane Controls
Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
Describe basics of cloud computing and common cloud attacks and how to secure cloud environment
This course will help you:
Gain hands-on experience implementing core security technologies and learn best practices using Cisco security solutions
Prepare for the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam
Qualify for professional and expert-level security job roles
This course will help you prepare to take the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam. This exam tests a candidate’s knowledge of implementing and operating core security technologies.
Follow On Courses
Implementing Automation for Cisco Security Solutions (SAUI)
Securing Email with Cisco Email Security Appliance (SESA)
Implementing and Configuring Cisco Identity Services Engine (SISE)
Implementing Secure Solutions with Virtual Private Networks (SVPN)
Securing the Web with Cisco Web Security Appliance (SWSA)
Lab Topology
Configure Cisco ASA Access Control Policies
Configure Cisco Firepower NGFW NAT
Configure Cisco Firepower NGFW Access Control Policy
Configure Cisco Firepower NGFW Discovery and IPS Policy
Configure Cisco NGFW Malware and File Policy
Configure Listener, Host Access Table (HAT), and Recipient Access Table (RAT) on Cisco Email Security Appliance (ESA)
Configure Mail Policies
Configure Proxy Services, Authentication, and HTTPS Decryption
Enforce Acceptable Use Control and Malware Protection
Examine the Umbrella Dashboard
Examine Cisco Umbrella Investigate
Explore DNS Ransomware Protection by Cisco Umbrella
Configure Static VTI Point-to-Point IPsec IKEv2 Tunnel
Configure Point-to-Point VPN between the Cisco ASA and Cisco Firepower NGFW
Configure Remote Access VPN on the Cisco Firepower NGFW
Explore Cisco AMP for Endpoints
Perform Endpoint Analysis Using AMP for Endpoints Console
Explore File Ransomware Protection by Cisco AMP for Endpoints Console
Explore Cisco Stealthwatch Enterprise v6.9.3
Explore Cognitive Threat Analytics (CTA) in Stealthwatch Enterprise v7.0
Explore the Cisco Cloudlock Dashboard and User Security
Explore Cisco Cloudlock Application and Data Security
Explore Cisco Stealthwatch Cloud
Explore Stealthwatch Cloud Alert Settings, Watchlists, and Sensors
Training Content
Describing Information Security Concepts*
Information Security Overview
Managing Risk
Vulnerability Assessment
Understanding CVSS
Describing Common TCP/IP Attacks*
Legacy TCP/IP Vulnerabilities
IP Vulnerabilities
ICMP Vulnerabilities
TCP Vulnerabilities
UDP Vulnerabilities
Attack Surface and Attack Vectors
Reconnaissance Attacks
Access Attacks
Man-In-The-Middle Attacks
Denial of Service and Distributed Denial of Service Attacks
Reflection and Amplification Attacks
Spoofing Attacks
DHCP Attacks
Describing Common Network Application Attacks*
Password Attacks
DNS-Based Attacks
DNS Tunneling
Web-Based Attacks
HTTP 302 Cushioning
Command Injections
SQL Injections
Cross-Site Scripting and Request Forgery
Email-Based Attacks
Describing Common Endpoint Attacks*
Buffer Overflow
Malware
Reconnaissance Attack
Gaining Access and Control
Gaining Access via Social Engineering
Gaining Access via Web-Based Attacks
Exploit Kits and Rootkits
Privilege Escalation
Post-Exploitation Phase
Angler Exploit Kit
Describing Network Security Technologies
Defense-in-Depth Strategy
Defending Across the Attack Continuum
Network Segmentation and Virtualization Overview
Stateful Firewall Overview
Security Intelligence Overview
Threat Information Standardization
Network-Based Malware Protection Overview
IPS Overview
Next Generation Firewall Overview
Email Content Security Overview
Web Content Security Overview
Threat Analytic Systems Overview
DNS Security Overview
Authentication, Authorization, and Accounting Overview
Identity and Access Management Overview
Virtual Private Network Technology Overview
Network Security Device Form Factors Overview
Deploying Cisco ASA Firewall
Cisco ASA Deployment Types
Cisco ASA Interface Security Levels
Cisco ASA Objects and Object Groups
Network Address Translation
Cisco ASA Interface ACLs
Cisco ASA Global ACLs
Cisco ASA Advanced Access Policies
Cisco ASA High Availability Overview
Deploying Cisco Firepower Next-Generation Firewall
Cisco Firepower NGFW Deployments
Cisco Firepower NGFW Packet Processing and Policies
Cisco Firepower NGFW Objects
Cisco Firepower NGFW NAT
Cisco Firepower NGFW Prefilter Policies
Cisco Firepower NGFW Access Control Policies
Cisco Firepower NGFW Security Intelligence
Cisco Firepower NGFW Discovery Policies
Cisco Firepower NGFW IPS Policies
Cisco Firepower NGFW Malware and File Policies
Deploying Email Content Security
Cisco Email Content Security Overview
SMTP Overview
Email Pipeline Overview
Public and Private Listeners
Host Access Table Overview
Recipient Access Table Overview
Mail Policies Overview
Protection Against Spam and Graymail
Anti-virus and Anti-malware Protection
Outbreak Filters
Content Filters
Data Loss Prevention
Email Encryption
Deploying Web Content Security
Cisco WSA Overview
Deployment Options
Network Users Authentication
HTTPS Traffic Decryption
Access Policies and Identification Profiles
Acceptable Use Controls Settings
Anti-Malware Protection
Deploying Cisco Umbrella*
Cisco Umbrella Architecture
Deploying Cisco Umbrella
Cisco Umbrella Roaming Client
Managing Cisco Umbrella
Cisco Umbrella Investigate Overview
Explaining VPN Technologies and Cryptography
VPN Definition
VPN Types
Secure Communication and Cryptographic Services
Keys in Cryptography
Public Key Infrastructure
Introducing Cisco Secure Site-to-Site VPN Solutions
Site-to-Site VPN Topologies
IPsec VPN Overview
IPsec Static Crypto Maps
IPsec Static Virtual Tunnel Interface
Dynamic Multipoint VPN
Cisco IOS FlexVPN
Deploying Cisco IOS VTI-Based Point-to-Point
Cisco IOS VTIs
Static VTI Point-to-Point IPsec IKEv2 VPN Configuration
Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW
Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW
Cisco ASA Point-to-Point VPN Configuration
Cisco Firepower NGFW Point-to-Point VPN ConfigurationTraining Content
Introducing Cisco Secure Remote Access VPN Solutions
Remote Access VPN Components
Remote Access VPN Technologies
SSL Overview
Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW
Remote Access Configuration Concepts
Connection Profiles
Group Policies
Cisco ASA Remote Access VPN Configuration
Cisco Firepower NGFW Remote Access VPN Configuration
Explaining Cisco Secure Network Access Solutions
Cisco Secure Network Access
Cisco Secure Network Access Components
AAA Role in Cisco Secure Network Access Solution
Cisco Identity Services Engine
Cisco TrustSec
Describing 802.1X Authentication
802.1X and EAP
EAP Methods
Role of RADIUS in 802.1X Communications
RADIUS Change of Authorization
Configuring 802.1X Authentication
Cisco Catalyst Switch 802.1X Configuration
Cisco WLC 802.1X Configuration
Cisco ISE 802.1X Configuration
Supplicant 802.1x Configuration
Cisco Central Web Authentication
Describing Endpoint Security Technologies*
Host-Based Personal Firewall
Host-Based Anti-Virus
Host-Based Intrusion Prevention System
Application Whitelists and Blacklists
Host-Based Malware Protection
Sandboxing Overview
File Integrity Checking
Deploying Cisco AMP for Endpoints*
Cisco AMP for Endpoints Architecture
Cisco AMP for Endpoints Engines
Retrospective Security with Cisco AMP
Cisco AMP Device and File Trajectory
Managing Cisco AMP for Endpoints
Introducing Network Infrastructure Protection*
Identifying Network Device Planes
Control Plane Security Controls
Management Plane Security Controls
Network Telemetry
Layer 2 Data Plane Security Controls
Layer 3 Data Plane Security Controls
Deploying Control Plane Security Controls*
Infrastructure ACLs
Control Plane Policing
Control Plane Protection
Routing Protocol Security
Deploying Layer 2 Data Plane Security Controls*
Overview of Layer 2 Data Plane Security Controls
VLAN-Based Attacks Mitigation
STP Attacks Mitigation
Port Security
Private VLANs
DHCP Snooping
ARP Inspection
Storm Control
MACsec Encryption
Deploying Layer 3 Data Plane Security Controls*
Infrastructure Antispoofing ACLs
Unicast Reverse Path Forwarding
IP Source Guard
* This section is self-study material that can be done at your own pace if you are taking the instructor-led version of this course.
SVPN - Implementing Secure Solutions with Virtual Private Networks
Длительность: 5 дней (40 часов)
Код курса: SVPN
Стоимость обучения.
Очный формат: 942 000 ₸
Онлайн формат: 895 000 ₸
Записаться
Длительность обучения:
Instructor-led training: 5 days in the classroom
Virtual instructor-led training: 5 days of web-based classes
E-learning: Equivalent to 5 days of classroom instruction
Кому следует посетить:
This course is designed for professionals in the following job roles:
Network security engineer
CCNP Security candidate
Channel Partner
Предварительные требования:
Before taking this course, you should have the following knowledge and skills:
Familiarity with the various Cisco router and firewall command modes
Experience navigating and managing Cisco routers and firewalls
Clear understanding of the benefits of site-to-site and Remote Access VPN options
The following Cisco courses can help you gain the knowledge you need to prepare for this course:
Implementing and Administering Cisco Solutions (CCNA®)
Implementing and Operating Cisco Security Core Technologies (SCOR)
Программа курса:
After taking this course, you should be able to:
Introduce site-to-site VPN options available on Cisco router and firewalls
Introduce remote access VPN options available on Cisco router and firewalls
Review site-to-site and remote access VPN design options
Review troubleshooting processes for various VPN options available on Cisco router and firewalls
Дополнительно:
This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos
SECICC - Introducing Cisco Cloud Consumer Security
Длительность: 1 день (8 часов)
Код курса: SECICC
Стоимость обучения.
Очный формат: 464 000 ₸
Онлайн формат: 441 000 ₸
Записаться
Длительность обучения:
Instructor-led training: 1 day in the classroom
Virtual instructor-led training: 1 day of web-based classes
E-learning: Equivalent of 1 day of instruction with hands-on lab practice
Кому следует посетить:
This course benefits cloud consumers and administrators of public cloud, private cloud, and hybrid cloud infrastructures:
Security architects
Cloud architects
Network engineers and administrators
System engineers and adminstrators
Cloud security consumers
Cloud application administrators
IT managers
Line of business managers
Cisco integrators and partners
Предварительные требования:
This course has no prerequisites, but you’ll get the most from the course if you have the following knowledge and skills:
Basic computer literacy
Basic PC operating system navigation skills
Basic Internet usage skills
Basic IP address knowledge
We also recommend that you have the following skills:
Prior knowledge of cloud computing and virtualization software basics
Программа курса:
After taking this course, you should be able to:
Describe public, private, and hybrid cloud models, concepts, and design
Explain the concepts and components for securing cloud environments
Describe Cisco security offerings for Amazon Web Services (AWS)
Define methods to secure SaaS application usage
Дополнительно:
This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos
SECCLD - Securing Cloud Deployments with Cisco Technologies
Длительность: 4 дня (32 часа)
Код курса: SECCLD
Стоимость обучения.
Очный формат: 1 621 000 ₸
Онлайн формат:1 540 000 ₸
Записаться
Длительность обучения:
Instructor-led training: 4 days in the classroom with hands-on lab practice
Virtual instructor-led training: 4 days of web-based classes with hands-on lab practice
E-learning: Equivalent of 4 days of instruction with videos, practice, and challenges
Кому следует посетить:
This course is open to engineers, administrators, and security-minded users of public, private, and hybrid cloud infrastructures responsible for implementing security in cloud environments:
Security architects
Cloud architects
Security engineers
Cloud engineers
System engineers
Cisco integrators and partners
Предварительные требования:
To fully benefit from this course, you should have completed the following course or obtained the equivalent knowledge and skills:
Knowledge of cloud computing and virtualization software basics
Ability to perform basic UNIX-like OS commands
Cisco CCNP® security knowledge or understanding of the following topic areas:
Topic areas/Available in these courses
Cisco Adaptive Security Appliance (ASA) and Adaptive Security Virtual Appliance (ASAv) deployment, and Cisco IOS® Flexible NetFlow operations/Implementing Cisco Edge Network Security Solutions (SENSS)
Cisco NGFW (Cisco Firepower Threat Defense [FTD]), Cisco Firepower, and Cisco Firepower Management Center (FMC) deployment
Cisco Content Security operations including Cisco Web Security Appliance (WSA)/ Cisco Email Security Appliance (ESA)/Cisco Cloud Web Security (CWS)Cisco AMP for network and endpoints deployment/Implementing Cisco Threat Control Solutions (SITCS)
Cisco ISE operations and Cisco TrustSec architecture/Implementing Cisco Secure Access Solutions (SISAS)
VPN operation/Implementing Cisco Secure Mobility Solutions (SIMOS)
Программа курса:
After taking this course, you should be able to:
Contrast the various cloud service and deployment models
Implement the Cisco Security Solution for SaaS using Cisco Cloudlock Micro Services
Deploy cloud security solutions using Cisco AMP for Endpoints, Cisco Umbrella, and Cisco Cloud Email Security
Define Cisco cloud security solutions for protection and visibility using Cisco virtual appliances and Cisco Stealthwatch Cloud
Describe the network as a sensor and enforcer using Cisco Identity Services Engine (ISE), Cisco Stealthwatch Enterprise, and Cisco TrustSec®
Implement Cisco Firepower NGFW Virtual (NGFWv) and Cisco Stealthwatch Cloud to provide protection and visibility in AWS environments
Explain how to protect the cloud management infrastructure by using specific examples, defined best practices, and AWS reporting capabilities
Дополнительно:
This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos
SSNGFW - Защита сетей Cisco Firepower Next Generation Firewall
Длительность: 5 дней (40 часов)
Код курса: SSNGFW
Стоимость обучения.
Очный формат: 1 258 000 ₸
Онлайн формат: 1 195 000 ₸
Записаться
Course Overview
The Securing Networks with Cisco Firepower Next Generation Firewall v1.0 course shows you how to deploy and use Cisco Firepower® Threat Defense system. This hands-on course gives you knowledge and skills to use and configure Cisco® Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting.
This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist – Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, Securing Networks with Cisco Firepower Next-Generation Intrusion Prevention System (SSFIPS). You can take these courses in any order. This course also earns you 40 Continuing Education (CE) credits towards recertification.
What to expect in the exam
The 300-710 SNCF exam certifies your knowledge of Cisco Firepower Threat Defense and Firepower, including policy configurations, integrations, deployments, management, and troubleshooting.
After you pass 300-710 SNCF:
You earn the Cisco Certified Specialist – Network Security Firepowercertification.
You will have satisfied the concentration exam requirement for the new CCNP Security certification. To complete your CCNP Security, you also need to pass the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam or its equivalent.
Course Objectives
After taking this course, you should be able to:
Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios
Perform initial Cisco Firepower Threat Defense device configuration and setup tasks
Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense
Describe how to implement NAT by using Cisco Firepower Threat Defense
Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services
Describe the behavior, usage, and implementation procedure for access control policies
Describe the concepts and procedures for implementing security intelligence features
Describe Cisco Advanced Malware Protection (AMP) for Networks and the procedures for implementing file control and advanced malware protection
Implement and manage intrusion policies
Describe the components and configuration of site-to-site VPN
Describe and configure a remote-access SSL VPN that uses Cisco AnyConnect®
Describe SSL decryption capabilities and usage
Prerequisites
To fully benefit from this course, you should have:
Knowledge of TCP/IP and basic routing protocols
Familiarity with firewall, VPN, and Intrusion Prevention System (IPS) concepts
Outline:
Cisco Firepower Threat Defense Overview
Examining Firewall and IPS Technology
Firepower Threat Defense Features and Components
Examining Firepower Platforms
Examining Firepower Threat Defense Licensing
Cisco Firepower Implementation Use Cases
Cisco Firepower NGFW Device Configuration
Firepower Threat Defense Device Registration
FXOS and Firepower Device Manager
Initial Device Setup
Managing NGFW Devices
Examining Firepower Management Center Policies
Examining Objects
Examining System Configuration and Health Monitoring
Device Management
Examining Firepower High Availability
Configuring High Availability
Cisco ASA to Firepower Migration
Migrating from Cisco ASA to Firepower Threat Defense
Cisco Firepower NGFW Traffic Control
Firepower Threat Defense Packet Processing
Implementing QoS
Bypassing Traffic
Cisco Firepower NGFW Address Translation
NAT Basics
Implementing NAT
NAT Rule Examples
Implementing NAT
Cisco Firepower Discovery
Examining Network Discovery
Configuring Network Discovery
Implementing Access Control Policies
Examining Access Control Policies
Examining Access Control Policy Rules and Default Action
Implementing Further Inspection
Examining Connection Events
Access Control Policy Advanced Settings
Access Control Policy Considerations
Implementing an Access Control Policy
Security Intelligence
Examining Security Intelligence
Examining Security Intelligence Objects
Security Intelligence Deployment and Logging
Implementing Security Intelligence
File Control and Advanced Malware Protection
Examining Malware and File Policy
Examining Advanced Malware Protection
Next-Generation Intrusion Prevention Systems
Examining Intrusion Prevention and Snort Rules
Examining Variables and Variable Sets
Examining Intrusion Policies
Site-to-Site VPN
Examining IPsec
Site-to-Site VPN Configuration
Site-to-Site VPN Troubleshooting
Implementing Site-to-Site VPN
Remote-Access VPN
Examining Remote-Access VPN
Examining Public-Key Cryptography and Certificates
Examining Certificate Enrollment
Remote-Access VPN Configuration
Implementing Remote-Access VPN
SSL Decryption
Examining SSL Decryption
Configuring SSL Policies
SSL Decryption Best Practices and Monitoring
Detailed Analysis Techniques
Examining Event Analysis
Examining Event Types
Examining Contextual Data
Examining Analysis Tools
Threat Analysis
System Administration
Managing Updates
Examining User Account Management Features
Configuring User Accounts
System Administration
Cisco Firepower Troubleshooting
Examining Common Misconfigurations
Examining Troubleshooting Commands
Firepower Troubleshooting
Lab outline
Initial Device Setup
Device Management
Configuring High Availability
Migrating from Cisco ASA to Cisco Firepower Threat Defense
Implementing QoS
Implementing NAT
Configuring Network Discovery
Implementing an Access Control Policy
Implementing Security Intelligence
Implementing Site-to-Site VPN
Implementing Remote Access VPN
Threat Analysis
System Administration
Firepower Troubleshooting
SAUI - Implementing Automation for Cisco Security Solutions
Длительность: 5 дней (40 часов)
Код курса: UCSEC
Стоимость обучения.
Очный формат: 1 613 000 ₸
Онлайн формат:1 532 000 ₸
Записаться
Кому следует посетить:
Курс предназначен для тех, кто работает на стыке телефонии и информационной безопасности, а также всем инженерам, работающим с архитектурой и продуктами UC. Данный курс следует посетить сетевым администраторам, сетевым инженерам, а также системным инженерам.
Предварительные требования:
Перед посещением данного курса слушатели должны обладать следующими навыками:
Практические знания конвергентных голосовых сетей и СХД
Знакомство с Cisco IOS gateway, Cisco Unified SRST gateway и Cisco Unified Border Element
Знание продуктов Cisco Unified Communications Manager и Cisco Unified Communications Manager Express
Рекомендовано наличие сертификата CCNP® Voice
Дополнительные навыки, которые будут полезны:
Знание основ сетевой безопасности
Знание технологий Cisco IOS Firewall и Cisco ASA adaptive security appliance firewalls
Знакомство с IPsec и SSL VPNs
Рекомендовано наличие сертификата CCNA® Security
Цели курса:
После посещения тренинга слушатели смогут:
Определять уязвимые места в сетях Cisco Unified Communications, а также описывать стратегии безопасности, криптографические сервисы , PKI и технологии VPN
Использовать функционал системы безопасности сетевой инфраструктуры
Внедрять Cisco Unified Communications Manager и Cisco Unified Communications endpoint security features
Содержание курса:
5-дневный курс UCSEC посвящен описанию уязвимостей и атак на инфраструктуру IP-телефонии, а также методов борьбы с ними и методов обеспечения безопасности инфраструктуры. За время курса слушатели научатся определять уязвимые места в сетях Cisco Unified Communications, а также описывать стратегии безопасности, криптографические сервисы PKI и технологии VPN, использовать функционал системы безопасности сетевой инфраструктуры и внедрять функции безопасности в Cisco Unified Communications Manager и терминалах Cisco.
Программа курса
1. Введение
2. Уязвимости сети Cisco Unified Communications и основы безопасности
2.1. Оценка уязвимостей сети Cisco Unified Communications
2.2. Стратегии реализации безопасности
2.3. Криптографические службы и функции
2.4. Управления ключами и PKI
2.5. IPsec и Cisco AnyConnect SSL VPN
2.6. Лабораторная работа 1: Идентификация уязвимых мест в Cisco UC сетях
3. Функционал системы безопасности сетевой инфраструктуры
3.1. Разделение сети и фильтрация пакетов
3.2. Функции безопасности коммутаторов
3.3. Cisco AnyConnect SSL VPN в сетях Cisco Unified Communications
3.4. Лабораторная работа 2: Внедрение межсетевых экранов
3.5. Лабораторная работа 3: Внедрение 802.1X
3.6. Лабораторная работа 4: Внедрение Cisco AnyConnect SSL VPN-ов
4. Cisco Unified Communications Manager и функции защиты абонентских устройств
4.1. Повышение защиты абонентских устройств
4.2. Предотвращение мошеннических звонков
4.3. Встроенные функции безопасности Cisco Unified Communications Manager
4.4. Функции безопасности Cisco Unified Communications Manager, основанные на маркерах безопасности
4.5. Лабораторная работа 5: Внедрение механизмов безопасности Cisco Unified Communications Manager, основанных на безопасных токенах
5. Интеграция Cisco Unified Communications с внешними элементами защиты
5.1. Применение SRTP для шлюзов и защита сигнала средствами IPSec
5.2. Применение SRTP для шлюзов и защита сигнала в SRST and Cisco Unified Communications Manager Express
5.3. Trusted Relay Points
5.4. Прокси
5.5. Лабораторная работа 6: Внедрение SRTP на шлюзах и защита сигнализации с помощью IPsec
5.6. Лабораторная работа 7: Внедрение безопасного SRST и безопасного Cisco Unified Communications Manager Express
5.7. Лабораторная работа 8: Внедрение Trusted Relay Points
5.8. Лабораторная работа 9: Внедрение прокси для сигнализации и RTP потоков
UCSEC - Implementing Cisco Unified Communications Security
Длительность: 5 дней (40 часов)
Код курса: UCSEC
Стоимость обучения.
Очный формат: 1 613 000 ₸
Онлайн формат:1 532 000 ₸
Записаться
Кому следует посетить:
Курс предназначен для тех, кто работает на стыке телефонии и информационной безопасности, а также всем инженерам, работающим с архитектурой и продуктами UC. Данный курс следует посетить сетевым администраторам, сетевым инженерам, а также системным инженерам.
Предварительные требования:
Перед посещением данного курса слушатели должны обладать следующими навыками:
Практические знания конвергентных голосовых сетей и СХД
Знакомство с Cisco IOS gateway, Cisco Unified SRST gateway и Cisco Unified Border Element
Знание продуктов Cisco Unified Communications Manager и Cisco Unified Communications Manager Express
Рекомендовано наличие сертификата CCNP® Voice
Дополнительные навыки, которые будут полезны:
Знание основ сетевой безопасности
Знание технологий Cisco IOS Firewall и Cisco ASA adaptive security appliance firewalls
Знакомство с IPsec и SSL VPNs
Рекомендовано наличие сертификата CCNA® Security
Цели курса:
После посещения тренинга слушатели смогут:
Определять уязвимые места в сетях Cisco Unified Communications, а также описывать стратегии безопасности, криптографические сервисы , PKI и технологии VPN
Использовать функционал системы безопасности сетевой инфраструктуры
Внедрять Cisco Unified Communications Manager и Cisco Unified Communications endpoint security features
Содержание курса:
5-дневный курс UCSEC посвящен описанию уязвимостей и атак на инфраструктуру IP-телефонии, а также методов борьбы с ними и методов обеспечения безопасности инфраструктуры. За время курса слушатели научатся определять уязвимые места в сетях Cisco Unified Communications, а также описывать стратегии безопасности, криптографические сервисы PKI и технологии VPN, использовать функционал системы безопасности сетевой инфраструктуры и внедрять функции безопасности в Cisco Unified Communications Manager и терминалах Cisco.
Программа курса
1. Введение
2. Уязвимости сети Cisco Unified Communications и основы безопасности
2.1. Оценка уязвимостей сети Cisco Unified Communications
2.2. Стратегии реализации безопасности
2.3. Криптографические службы и функции
2.4. Управления ключами и PKI
2.5. IPsec и Cisco AnyConnect SSL VPN
2.6. Лабораторная работа 1: Идентификация уязвимых мест в Cisco UC сетях
3. Функционал системы безопасности сетевой инфраструктуры
3.1. Разделение сети и фильтрация пакетов
3.2. Функции безопасности коммутаторов
3.3. Cisco AnyConnect SSL VPN в сетях Cisco Unified Communications
3.4. Лабораторная работа 2: Внедрение межсетевых экранов
3.5. Лабораторная работа 3: Внедрение 802.1X
3.6. Лабораторная работа 4: Внедрение Cisco AnyConnect SSL VPN-ов
4. Cisco Unified Communications Manager и функции защиты абонентских устройств
4.1. Повышение защиты абонентских устройств
4.2. Предотвращение мошеннических звонков
4.3. Встроенные функции безопасности Cisco Unified Communications Manager
4.4. Функции безопасности Cisco Unified Communications Manager, основанные на маркерах безопасности
4.5. Лабораторная работа 5: Внедрение механизмов безопасности Cisco Unified Communications Manager, основанных на безопасных токенах
5. Интеграция Cisco Unified Communications с внешними элементами защиты
5.1. Применение SRTP для шлюзов и защита сигнала средствами IPSec
5.2. Применение SRTP для шлюзов и защита сигнала в SRST and Cisco Unified Communications Manager Express
5.3. Trusted Relay Points
5.4. Прокси
5.5. Лабораторная работа 6: Внедрение SRTP на шлюзах и защита сигнализации с помощью IPsec
5.6. Лабораторная работа 7: Внедрение безопасного SRST и безопасного Cisco Unified Communications Manager Express
5.7. Лабораторная работа 8: Внедрение Trusted Relay Points
5.8. Лабораторная работа 9: Внедрение прокси для сигнализации и RTP потоков
SSECMGT - Managing Enterprise Security with Cisco Security Manager
Длительность: 3 дня (24 часа)
Код курса: SSECMGT
Стоимость обучения.
Очный формат: 0 ₸
Онлайн формат: 0 ₸
Записаться
Кому следует посетить
Тренинг рассчитан на инженеров, обеспечивающие безопасность сети на средних и крупных предприятиях.
Предварительные требования
Сертификация Cisco CCNP® Security : CI-SECURE CI-FIREWALL CI-VPN CI-IPS 7
Понимание принципов маршрутизации и работы сети (на уровне CCNP, сертификация не требуется).
Понимание разных технологий VPN (таких как DMVPN, GET VPN и SSL VPN).
Базовое знание ОС Microsoft Windows.
Цели курса
Управление безопасностью предприятия с помощью Cisco Security Manager (CSM) v4.0 course пятидневный курс, который проводится в классе с инструктором. Основная задача тренинга дать сетевым инженерам необходимые знания для внедрения и настройки CSM. Помимо этого на тренинге рассматриваются различные технологии, применяемые в области сетевой безопасности, сопровождаемые разбором кейсов( case study), где наглядно демонстрируются некоторые сценарии внедрения.
По завершении курса слушатели смогут:
Дать развернутое описание CSM, включая основные функции и базовые решения по внедрению
Управление конфигурацией Сisco ASA и Cisco FWSM и описание систем управления событиями межсетевого экрана и корреляции конфигураций устройств
Описать наиболее часто используемые топологии VPN и способы их внедрения
Изучить способы конфигурации механизмов IPS на платформе Cisco IOS, модулях, самостоятельных устройствах, а также объяснить систему событий Cisco IPS и корреляцию конфигураций
Объяснить, как Cisco Security Manager работает с устройствами Cisco IOS, включая новые роутеры Cisco ISR G2
Описать функцию FlexConfig в CSM, рабочий процесс управления, задачи администрирования и процесс интеграции с Cisco Secure ACS
Программа курса
1. Введение
2. Обзор CSM
2.1. Применение CSM
2.2. Управление устройствами
2.3. Управление политиками
2.4. Управление объектами
2.5. Использование Map View
2.6. Лабораторная работа 1: Настройка загрузочных процессов устройств, проверка доступности
2.7. Лабораторная работа 2: Импорт устройств
2.8. Лабораторная работа 3: Определение ролей интерфейсов
2.9. Лабораторная работа 4: Создание объектов для политик
3. Управление политиками межсетевого экрана
3.1. Управление сервисами межсетевого экрана
3.2. Управление межсетевыми экранами
3.3. Мониторинг событий и корреляция правил для межсетевых экранов
3.4. Лабораторная работа 5: Управление политиками для МСЭ
3.5. Лабораторная работа 6: Настройка NAT
3.6. Лабораторная работа 7: Настройка мониторинга событий для МСЭ, корреляция
4. Управление политиками VPN
4.1. Управление VPN
4.2. Управление удаленным доступом IPsec VPN
4.3. Конфигурирование Client-Based SSL VPN
4.4. Конфигурирование Clientless SSL VPN
4.5. Настройка расширенных функций VPN
4.6. Лабораторная работа 8: Управление VPN инфраструктурой с использованием Cisco AnyConnect
4.7. Лабораторная работа 9: Управление Clientless SSL VPN
4.8. Лабораторная работа 10: Управление инфраструктурой DMVPN
4.9. Лабораторная работа 11: Управление инфраструктурой GET VPN
4.10. Управление системами Cisco IPS
4.11. Управление сервисами Cisco IPS
4.12. Управление устройствами Cisco IPS
4.13. Управление событиями Cisco IPS
4.14. Лабораторная работа 12: Настройка Cisco IOS IPS
4.15. Лабораторная работа 13: Настройка модулей IPS
4.16. Лабораторная работа 14: Настройка мониторинга событий для IPS, корреляция
5. Работа с устройствами Cisco IOS
5.1. Управление роутерами
5.2. Использование Device Manager для коммутатора Cisco Catalyst 6500 Series и маршрутизатора Cisco 7600 Series Router
5.3. Лабораторная работа 15: Настройка маршрутизаторов с ОС Cisco IOS
5.4. Лабораторная работа 16: Управление DHCP-устройствами с помощью CiscoWorks Auto Update Server
6. Обзор VPN-компонентов для Cisco ASA
6.1. Обзор технологий VPN
6.2. Реализация профилей, групповых политик и пользовательских политик
6.3. Внедрение сервисов PKI
7. Анализ сервиса FlexConfigs в CSM
7.1. Управление FlexConfigs
7.2. Управление активностями и процессами внедрения
7.3. Процесс интеграции между CSM и Cisco ACS
7.4. Сохранение резервных копий и восстановление баз данных CSM
7.5. Использование инструментов: мониторинга, поиска и устранения неисправностей в сети, диагностики
7.6. Лабораторная работа 17: Настройка FlexConfigs
7.7. Лабораторная работа 18: Интеграция ACS и CSM
802.1x - Introduction to 802.1X Operations for Cisco Security Professionals
Длительность: 3 дня (24 часа)
Код курса: 802.1x
Стоимость обучения.
Очный формат: 825 000 ₸
Онлайн формат: 784 000 ₸
Записаться
Описание курса:
Этот курс предназначен для инженеров и менеджеров, обслуживающих клиентов с решениями на базе 802.1x, архитекторов систем информационной безопасности, инженеров и других специалистов, желающие получить практический опыт реализации архитектуры Cisco TrustSec 802.1X на базе Cisco ISE.
Предварительные требования:
Сертификация CCNA
Участие в тренинге Обеспечение безопасности сетей с помощью маршрутизаторов и коммутаторов Cisco (SECURE) или эквивалентный объем знаний
Знание Microsoft Windows Server 2008 Active Directory
Знание принципов работы легковесных беспроводных точек и контроллеров беспроводных точек Cisco
Умение базовой настройки коммутаторов Cisco Catalyst при помощи командной строки
После прохождения обучения слушатели будут уметь:
Описывать принципы Cisco TrustSec
Описывать принципы, архитектуру и требования к реализации IEEE 802.1X
Описывать как протокол аутентификации RADIUS используется в Cisco TrustSec
Настроить работу ISE для 802.1x
Описывать клиентскую часть IEEE 802.1X от Microsoft, Apple и Cisco
Настраивать IEEE 802.1X для проводной сети
Настраивать IEEE 802.1X для беспроводной сети
Описывать, каким образом можно реализовать сервис защищенного гостевого доступа в сети Cisco TrustSec
Построить общий дизайн сети Cisco TrustSec с использованием IEEE 802.1X
Содержание курса:
Это 3-дневный курс, разработанный для подготовки системных инженеров компаний-партнеров к конфигурации решений Cisco TrustSec на базе Cisco Identity Services Module, коммутаторов Cisco Catalyst, и контроллеров Cisco Wireless LAN.
Цель курса – обеспечить участников базовыми знаниями о возможностях и функциях протокола IEEE 802.1X, а также умением настроить Cisco Identity Services Engine (ISE) для работы 802.1X. Курс описывает архитектуру, компоненты и возможности сети Cisco TrustSec на базе протоколов IEEE 802.1X и RADIUS.
Студенты получат практический опыт конфигурации сетевых служб на базе 802.1X при помощи Cisco ISE, коммутаторов Cisco Catalyst, а также беспроводных продуктов Cisco. Этот курс является предварительным требованием для прохождения тренинга Внедрение решения Cisco Identity Services Engine (ISE). На данный момент только сертифицированные партнеры ATP (Authorized Technology Partners) могут продавать решения Cisco ISE/802.1x.
Программа курса:
Введение
Архитектура Cisco TrustSec
Обзор Cisco TrustSec
Обзор составляющих архитектуры Cisco TrustSec
Обзор аутентификации на уровне порта
Обзор стандарта IEEE 802.1X
Обзор 802.1X и EAP
Роль протокола RADIUS в соединениях, использующих протокол EAP
Лабораторная работа 1: Предварительная настройка сети
Конфигурация устройств для работы с 802.1X
Компоненты и топологии 802.1X
Конфигурация Cisco ISE для работы с 802.1X
Конфигурация сетевых устройств для поддержки 802.1X
Конфигурация клиентских станций для поддержки 802.1X
Лабораторная работа 2: Настройка компонентов 802.1X на Cisco ISE, коммутаторе, WLC и клиенте
Конфигурация гостевого доступа
Конфигурация Cisco TrustSec для клиентских станций без поддержки 802.1X
Конфигурация Cisco WebAuth для клиентских станций без поддержки 802.1X
Лабораторная работа 3: Настройка гостевого доступа с помощью веб-аутентификации
Разработка дизайна сетей Cisco TrustSec на базе Cisco ISE и 802.1X
Совместимость составляющих сети с 802.1X
Обзор нюансов внедрения 802.1X, влияющих на дизайн сети
Обзор масштабируемых архитектур 802.1X
Лабораторная работа 4: Построение архитектуры Cisco TrustSec
Итоговый контроль знаний
SSFIPS - Securing Networks with Cisco Firepower Next-Generation IPS
Длительность: 5 дней (40 часов)
Код курса: SSFIPS
Стоимость обучения.
Очный формат: 1 813 000 ₸
Онлайн формат: 1 723 000 ₸
Записаться
Кому следует посетить:
Этот курс предназначен для технических специалистов, которым необходимо знать, как развертывать Cisco Firepower NGIPS и управлять им в своей сетевой среде.
Администраторы безопасности
Консультанты по безопасности
Сетевые администраторы
Системные инженеры
Персонал технической поддержки
Торговые партнеры и реселлеры
Предварительные требования:
Для прохождения данного курса рекомендуется обладать знаниями и навыками:
Базовое понимание работы TCP/IP сетей
Базовые знания о работе систем IDS и IPS
Цели курса:
После прохождения данного курса слушатели будут уметь:
Описывать компоненты Cisco Firepower Threat Defense, управлять процессом регистрации устройства
Настраивать политику обнаружения устройств
Внедрять политик контроля доступа
Настраивать intrusion-политики
Создавать и анализировать отчеты Firepower Management Center
Интегрировать Firepower Management Center с внешними системами логирования
Обновлять ПО и управлять административными аккаунтами Firepower Management Center
Использовать базовые команды и инструменты для поиска и устранения неполадок в работе Firepower Management Center и устройств Firepower Threat Defense
Программа курса:
Введение
Обзор Cisco Firepower Threat Defense
Сравнение и анализ систем предотвращения вторжений и межсетевых экранов
Основные функции и компоненты системы Firepower Threat Defense
Сравнение модельного ряда
Принципы лицензирования
Процесс внедрения Firepower
Настройки устройства Firepower NGFW
FXOS и Firepower Device Manager
Управление устройствами
Исследование политик Firepower Management Center
Системные настройки, показатели здоровья устройства
Контроль трафика
Packet Processing
Bypassing
Механизм анализа сети Firepower Discovery
Обзор механизма анализа сети
Анализ профиля хоста
Работа с идентификационной информацией пользователя
Политика контроля доступа к ресурсам
Введение, анализ работы политики
Анализ списка правил, действие по умолчанию
Further Inspection
Расширенные функции
Рекомендации для внедрения политики контроля доступа
Механизм Security Intelligence
Обзор механизма Security Intelligence
Объекты Security Intelligence
Настройка Security Intelligence, анализ логов
Контроль файлов и расширенная защита от вредоносного ПО
Анализ файловой политики
Анализ сервиса AMP
Система предотвращения вторжений
Введение, Snort-правила
Variables, Variable Set
Создание IPS-политики
Настройка IPS-политики
Управление IPS-политикой
Политика анализа сети
Исследование работы препроцессора
Обзор политики анализа сети
Дополнительные техники анализа
Анализ событий
Типа событий
Контекстная информация
Инструменты для анализа
Интеграция с другими платформами
Интеграция с Cisco ISE
Интеграция со Splunk
Политики корреляции и оповещения
Оповещение внешних систем
Политика корреляции
Системное администрирование
Обновления ПО
Управление пользовательскими аккаунтами
Поиск и устранение неполадок в работе системы Firepower
Распространенные ошибки в настройках
Команды для поиска и устранения неполадок
Packet Capture
FTD - Cisco Secure Firewall 7.2 Implementation
Длительность: 5 дней (40 часов)
Код курса: FTD
Стоимость обучения.
Очный формат: 1 670 000 ₸
Онлайн формат: 1 587 000 ₸
Записаться
Этот курс поможет Вам:
Получить знания и навыки, которые необходимы для настройки и эксплуатации передовой сетевой системы защиты информации Cisco.
В процессе прохождения данного курса Вы научитесь:
Понимать архитектуру, разбираться в управляющих и исполнительных компонентах системы, понимать взаимодействия между компонентами системы;
Понимать принципы лицензирования;
Понимать возможные варианты разворачивания компонентов системы;
Понимать назначение, редактировать и создавать политики Management;
Понимать возможные пути прохождения трафика через систему;
Использовать механизм Discovery для анализа сети и создания профилей хостов;
Использовать механизм Security Intelligence;
Понимать принципы работы, редактировать и создавать политики контроля доступа к ресурсам, политики контроля файлов и сервиса AMP, политики системы предотвращения вторжений, политики анализа сети;
Работать с инструментами для анализа событий;
Искать и устранять неполадки в работе системы.
Предварительные требования:
Данный курс предполагает наличие у слушателей базового знания сетевых технологий, терминологии в области ИБ, умения работать с Windows Workstation, понимания TCP/IP.
Course Outline
1. Cisco Secure Firewall Family
2. Cisco Firepower Threat Defense Components and Features
3. Firepower Threat Defense High Availability and Clustering
4. Routing for Firepower Threat Defense
5. Network Address Translation (NAT)
6. Firepower Discovery
7. Prefiltering and Prefilter Policies
8. Security Intelligence
9. SSL Policy
10. Access Control Policy
11. File Control and Advanced Malware Protection
12. Next-Generation Intrusion Prevention Systems
13. Network Analysis Policies
14. Correlation Policy
15. Firepower QoS
16. Firepower Threat Defense VPN
17. Cisco Threat Intelligence Director
18. Event Analysis Techniques
19. Cisco Secure Firewall Troubleshooting
Lab Outline
1. Navigating Firepower Management Center
2. FTD Device Configuration
3. NAT Configuration
4. Network Discovery Policy
5. Object Management
6. Access Control Policy
7. Security Intelligence
8. File Policy
9. Intrusion Policy
10. Network Analysis Policy
11. SSL Policy Configuration
12. QoS Policy Configuration
13. Correlation Policy
SDAFND - Understanding Cisco SDA Fundamentals
Course Overview
The Understanding Cisco SDA Fundamentals (SDAFND) v1.0 course introduces you to Cisco® Software-Defined Access and teaches you, through a combination of lectures and labs, how to implement simple, single-site fabric networks. You will learn the benefits of leveraging Software-Defined Access in the Cisco-powered Enterprise Campus network. SDAFND will introduce the solution, its architecture and components, and guide you through labs to design and deploy simple Cisco SD-Access networks.
This course will help you:
Deploy Cisco SD-Access networks
Explain Cisco Software-Designed Access
Operate, manage, and integrate Cisco DNA Center™
Prepare for various Cisco certifications: Cisco Certified Specialist – Enterprise Core (ENCOR), and Cisco Certified Specialist – Enterprise Design (ENSLD)
Who should attend
Field engineers
Network engineers
Network administrators
System engineers
Prerequisites
To fully benefit from this course, you should have the following knowledge and skills:
CCNP® level core networking knowledge
Ability to use Windows and Linux CLI tools such as ping, SSH, or running scripts
These are the recommended Cisco offerings that may help you meet these prerequisites:
Implementing and Administering Cisco Solutions (CCNA)
Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)
Course Objectives
After taking this course, you should be able to:
Describe Cisco SD-Access architecture and its components
Explain Cisco DNA Center deployment models, scaling, and high availability
Identify Cisco SD-Access fabric protocols and node roles
Understand the Cisco SD-Access Wireless deployment models
Automate Day 0 device onboarding with Cisco DNA Center LAN Automation and Network PnP
Deploy simple Cisco SD-Access fabric networks
Monitor health and performance of the network with Cisco DNA Center Assurance
Interact with the Cisco DNA Center Platform Intent APIs
Course Outline:
Understanding Cisco SDA Fundamentals (SDAFND)
Introducing Cisco SD-Access
Introducing Cisco DNA Center
Exploring Cisco SD-Access Solution Components
Exploring Cisco SD-Access Wireless Architecture
Automating Network Changes with Cisco DNA Center
Deploying Fabric Networks with Cisco DNA Center
Exploring Cisco DNA Center Assurance
Exploring Cisco DNA Center Programmability
Lab Topology
Explore Cisco DNA Center User Interface
Verify Location Identifier Separation Protocol (LISP) Operation in Cisco SD-Access
Integrate Cisco DNA Center and Cisco Identity Services Engine (Cisco ISE)
Provision Access Points in Cisco DNA Center
Provision Underlay Networks with Cisco DNA Center LAN Automation
Provision Underlay Networks with Cisco DNA Center LAN Automation (cont.)
Deploy Cisco SD-Access Single Site Fabric
Deploy Cisco SD-Access Single Site Fabric (cont.)
Explore Cisco DNA Center Assurance
Cisco DNA Assurance Issues and Guided Remediation
Interact with Cisco DNA Center Intent APIs Using Python
SSFAMP - Protecting against Malware Threats with Cisco AMP for Endpoints
Course Overview
The Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP) v6.0 course shows you how to deploy and use Cisco® AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through several step-by-step attack scenarios. You’ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console.
How you’ll benefit
This class will help you:
Learn how to deploy and manage Cisco AMP for Endpoints
Succeed in today’s high-demand security operations roles
Who should attend
Cisco integrators, resellers, and partners
Network administrators
Security administrators
Security consultants
Systems engineers
Technical support personnel
Prerequisites
To fully benefit from this course, you should have the following knowledge and skills:
Technical understanding of TCP/IP networking and network architecture
Technical understanding of security concepts and protocols
The recommended Cisco offering may help you meet these prerequisites:
Implementing and Administering Cisco Solutions (CCNA)
Course Objectives
After taking this course, you should be able to:
Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP)
Recognize the key features and concepts of the AMP for Endpoints product
Navigate the AMP for Endpoints console interface and perform first-use setup tasks
Identify and use the primary analysis features of AMP for Endpoints
Use the AMP for Endpoints tools to analyze a compromised host
Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
Configure and customize AMP for Endpoints to perform malware detection
Create and configure a policy for AMP-protected endpoints
Plan, deploy, and troubleshoot an AMP for Endpoints installation
Use Cisco Orbital to pull query data from installed AMP for Endpoints connectors.
Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use
Describe all the features of the Accounts menu for both public and private cloud installations
Course Outline:
Protecting against Malware Threats with Cisco AMP for Endpoints (SSFAMP)
Introducing to Cisco AMP Technologies
Introducing AMP for Endpoints Overview and Architecture
Navigating the Console Interface
Using Cisco AMP for Endpoints
Identifying Attacks
Analyzing Malware
Managing Outbreak Control
Creating Endpoint Policies
Working with AMP for Endpoint Groups
Using Orbital for Endpoint Visibility
Introducing AMP REST API
Navigating Accounts
Lab Topology
Amp Account Self-Registration
Accessing AMP for Endpoints
Attack Scenario
Analysis Tools and Reporting
Outbreak Control
Endpoint Policies
Groups and Deployment
Testing Your Configuration
Endpoint Visibility Using Orbital
REST API
Endpoint Isolation Using Cisco AMP API
User Accounts
SSFRULES - Securing Cisco Networks with Snort Rule Writing Best Practices
Course Overview
The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.
This course will help you:
Gain an understanding of characteristics of a typical Snort rule development environment
Gain hands-on practices on creating rules for Snort
Gain knowledge in Snort rule development, Snort rule language, standard and advanced rule options
Who should attend
This course is for technical professionals to gain skills in writing rules for Snort-based intrusion detection systems (IDS) and intrusion prevention systems (IPS). The primary audience includes:
Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel using open source IDS and IPS
Channel partners and resellers
Prerequisites
To fully benefit from this course, you should have:
Basic understanding of networking and network protocols
Basic knowledge of Linux command-line utilities
Basic knowledge of text editing utilities commonly found in Linux
Basic knowledge of network security concepts
Basic knowledge of a Snort-based IDS/IPS system
Course Objectives
After taking this course, you should be able to:
Describe the Snort rule development process
Describe the Snort basic rule syntax and usage
Describe how traffic is processed by Snort
Describe several advanced rule options used by Snort
Describe OpenAppID features and functionality
Describe how to monitor the performance of Snort and how to tune rules
Course Outline:
Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES)
Introduction to Snort Rule Development
Snort Rule Syntax and Usage
Traffic Flow Through Snort Rules
Advanced Rule Options
OpenAppID Detection
Tuning Snort
Lab Topology
Connecting to the Lab Environment
Introducing Snort Rule Development
Basic Rule Syntax and Usage
Advanced Rule Options
OpenAppID
Tuning Snort
SSFSNORT - Securing Cisco Networks with Open Source Snort
Course Overview
The Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1 course shows you how to deploy a network intrusion detection system based on Snort. Through a combination of expert instruction and hands-on practice, you will learn how to install, configure, operate, and manage a Snort system, rules writing with an overview of basic options, advanced rules writing, how to configure Pulled Pork, and how to use OpenAppID to provide protection of your network from malware. You will learn techniques of tuning and performance monitoring, traffic flow through Snort rules, and more.
This course will help you:
Learn how to implement Snort, an open-source, rule-based, intrusion detection and prevention system
Gain leading-edge skills for high-demand responsibilities focused on security
Who should attend
This course is for technical professionals who need to know how to deploy open source intrusion detection systems (IDS) and intrusion prevention systems (IPS), and how to write Snort rules.
Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers
Prerequisites
To fully benefit from this course, you should have:
Technical understanding of TCP/IP networking and network architecture
Proficiency with Linux and UNIX text editing tools (vi editor is suggested by not required)
Course Objectives
After taking this course, you should be able to:
Describe Snort technology and identify resources available for maintaining a Snort deployment
Install Snort on a Linux-based operating system
Describe the Snort operation modes and their command-line options
Describe the Snort intrusion detection output options
Download and deploy a new rule set to Snort
Describe and configure the snort.conf file
Configure Snort for inline operation and configure the inline-only features
Describe the Snort basic rule syntax and usage
Describe how traffic is processed by the Snort engine
Describe several advanced rule options used by Snort
Describe OpenAppID features and functionality
Describe how to monitor Snort performance and how to tune rules
Course Benefits
Course Outline:
Securing Cisco Networks with Open Source Snort (SSFSNORT)
Introduction to Snort Technology
Snort Installation
Snort Operation
Snort Intrusion Detection Output
Rule Management
Snort Configuration
Inline Operation and Configuration
Snort Rule Syntax and Usage
Traffic Flow Through Snort Rules
Advanced Rule Options
OpenAppID Detection
Tuning Snort
Lab Outline
Connecting to the Lab Environment
Snort Installation
Snort Operation
Snort Intrusion Detection Output
Pulled Pork Installation
Configuring Variables
Reviewing Preprocessor Configurations
Inline Operations
Basic Rule Syntax and Usage
Advanced Rule Options
OpenAppID
Tuning Snort
Cisco Collaboration
CLCOR - Implementing Cisco Collaboration Core Technologies
Длительность: 5 дней (40 часов)
Код курса: CLCOR
Стоимость обучения.
Онлайн формат: 1 249 000 ₸
Записаться
Длительность обучения:
Instructor-led training: 5 days with hands-on lab practice
Virtual instructor-led training: 5 days of web-based classes with hands-on lab practice
Кому следует посетить:
Students preparing to take the CCNP Collaboration certification
Network administrators
Network engineers
Systems engineers
Предварительные требования:
Working knowledge of fundamental terms of computer networking, including LANs, WANs, switching, and routing
Basics of digital interfaces, Public Switched Telephone Networks (PSTNs), and Voice over IP (VoIP)
Fundamental knowledge of converged voice and data networks and Cisco Unified Communications Manager deployment
Программа курса:
Describe the Cisco Collaboration solutions architecture
Compare the IP Phone signaling protocols of Session Initiation Protocol (SIP), H323, Media Gateway Control Protocol (MGCP), and Skinny Client Control Protocol (SCCP)
Integrate and troubleshoot Cisco Unified Communications Manager with LDAP for user synchronization and user authentication
Implement Cisco Unified Communications Manager provisioning features
Describe the different codecs and how they are used to transform analogue voice into digital streams
Describe a dial plan, and explain call routing in Cisco Unified Communications Manager
Implement Public Switched Telephone Network (PSTN) access using MGCP gateways
Implement a Cisco gateway for PSTN access
Configure calling privileges in Cisco Unified Communications Manager
Implement toll fraud prevention
Implement globalized call routing within a Cisco Unified Communications Manager cluster
Implement and troubleshoot media resources in Cisco Unified Communications Manager
Describe Cisco Instant Messaging and Presence, including call flows and protocols
Describe and configure endpoints and commonly required features
Configure and troubleshoot Cisco Unity Connection integration
Configure and troubleshoot Cisco Unity Connection call handlers
Describe how Mobile Remote Access (MRA) is used to allow endpoints to work from outside the company
Analyze traffic patterns and quality issues in converged IP networks supporting voice, video, and data traffic
Define QoS and its models
Implement classification and marking
Configure classification and marking options on Cisco Catalyst® switches
Дополнительно:
This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos
CLICA - Implementing Cisco Collaboration Applications