SDAINT: Introduction to SD-Access and DNA Center
Introduction to Cisco SD-Access and Catalyst Center (formerly DNA Center) offer Cisco’s next-generation programmable digital network to help automate common network access security features and streamline the redundant, complex configuration required to allow different groups of users access to the network infrastructure. This 2-day network security training course allows network administrators to quickly allow differentiated access for end users on the network while allowing the network to react automatically to day zero and other types of attacks using integration with Cisco ISE for Policy Enforcement with Cisco Catalyst Center (formerly DNA Center).
Upcoming Dates
What's Included
- Official Cisco courseware
- Remote lab access
Prerequisites
- Knowledge level equivalent to CCNA
- Basic knowledge of Software Defined Networks
- Basic knowledge and experience with Cisco IOS, IOS XE and CLI
Course Objectives
After completing this course, you should be able to:
- Know and understand Cisco’s SD-Access concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today’s networks.
- Differentiate and explain each of the building blocks of SD-Access Solution
- Explain the concept of “Fabric” and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Border Nodes)
- Describe the role of LISP in Control Plane and VXLAN in Data Plane for SD-Access Solution
- Understand the role of DNA Center as solution orchestrator and Intelligent GUI
- Be familiar with workflow approach in DNA Center and its 4 Steps: Design, Policy, Provision and Assurance
Course Outline
Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)
- SD-Access Overview
- SD-Access Benefits
- SD-Access Key Concepts
- SD-Access Main Components
- Catalyst Center (formerly DNA Controller)
- NDP (Analytics and Assurance)
Module 2: SD-Access Campus Fabric
- SD-Access Campus Fabric Overview
- Key Components
- Control Plane Based on LISP
- Data Plane Based on VXLAN
- Policy Plane Based on CTS
- Cisco SD-Access Platform Support
- Fabric Edge Node
- Fabric Control Plane
- Fabric Border Node
- Fabric Extended Node
- Fabric-Enabled WLAN
- Cisco SD-Access Scaling Considerations
Module 3: Catalyst Center (formerly DNA Center) and Workflow for SD-Access
- Cisco Catalyst/DNA Center Automation Overview
- Workflow for SD-Access in Catalyst Center
- Integration with Cisco ISE for Policy Enforcement
- Integration with Cisco NDP for Analytics and Assurance
Module 4: Catalyst/DNA Center Workflow First Step – Design
- Catalyst / DNA Center Workflow Design Overview
- Creating Enterprise and Sites Hierarchy
- Discuss and Demonstrate General Network Settings
- Loading Maps into the GUI
- IP Address Administration
- Administering Software Images
- Network Device Profiles
- Underlay Automation
- Network Planning
- Underlay Network Design
Module 5: Catalyst/DNA Center Workflow Second Step – Policy
- Cisco Catalyst/DNA Center Policy Overview
- 2-Level Hierarchy
- Macro Level: Virtual Network (VN)
- Micro Level: Scalable Group (SG)
- Policy Types
- Access Policy
- Access Control Policy
- Traffic Copy Policy
- Access Controls Based on Group-Based Policies
- ISE Integration with Catalyst/DNA Center
- Cross Domain Policies
Module 6: Catalyst/DNA Center Workflow Third Step – Provision
- Catalyst/ DNA Center Provision Overview
- Device Onboarding
- Underlay Network Provisioning
- Fabric Domains
- Adding Nodes
Module 7: DNA Center Workflow Fourth Step – Assurance
- Introduction to Analytics
- NDP Fundamentals
- Overview of Catalyst/ DNA Assurance
- Assurance within SD-Access
- Assurance Use Cases
- DNA Center Assurance Dashboard
- Understand Assurance Health Scores
Module 8: Implementing WLAN in SD-Access Solution
- WLAN Integration Strategies in SD-Access Fabric
- SD-Access Wireless Architecture
- Sample Design for SD-Access Wireless
- Guest Design Options
Module 9: Campus Fabric External Connectivity for SD-Access
- Enterprise Sample Topology for SD-Access
- Cisco SD-Access Border
- SD-Access Border
- SD-Access Default Border
- Single Border vs. Multiple Border Designs
- Collocated vs. Distributed Border and Control Plane Nodes
- Use Case 1: Border with Collocated Control Plane Node
- Use Case 2: Border with Distributed Control Plane Node FiaB Deployment
- Cisco SD-Access Distributed Campus
Labs
- Lab 1: Integrate Cisco ISE with Cisco Catalyst/DNA Center
- Lab 2: Navigate Cisco Catalyst/DNA Center
- Lab 3: Discover the SD-Access Underlay
- Lab 4: Cisco Catalyst/DNA Center Design
- Lab 5: Catalyst/DNA Center Policies
- Lab 6: Catalyst/DNA Center Provisioning and Onboarding