General Network Design :
Network Design Methodology, Architectures for the Enterprise, Borderless Networks Architecture, Collaboration and Video Architecture, Data Center and Virtualization Architecture, Design Lifecycle: Plan, Build, Manage Plan Phase Build Phase Manage Phase Prepare, Plan, Design, Implement, Operate, and Optimize Phases Prepare Phase Plan Phase Design Phase Implement Phase Operate Phase Optimize Phase Summary of PPDIOO Phases Project Deliverables Design Methodology Identifying Customer Design Requirements Characterizing the Existing Network Steps in Gathering Information Network Audit Tools Network Checklist Designing the Network Topology and Solutions Top-Down Approach Pilot and Prototype Tests Design Document
Network Design Models :
Hierarchical Network Models Benefits of the Hierarchical Model, Hierarchical Network Design, Core Layer, Distribution Layer, Access Layer, Hierarchical Model Examples, Hub- and-Spoke, Design Collapsed Core, Design Enterprise Architecture Model, Enterprise Campus Module, Enterprise Edge Area, E- Commerce Module, Internet Connectivity Module, VPN/Remote Access, Enterprise WAN, Service Provider Edge Module, Remote Modules, Enterprise Branch Module, Enterprise Data Center Module, Enterprise Teleworker Module, High Availability Network Services, Workstation-to-Router Redundancy and LAN, High Availability Protocols, ARP Explicit Configuration, RDP, RIP, HSRP, VRRP, GLBP, Server Redundancy, Route Redundancy, Load Balancing, Increasing Availability, Link Media Redundancy
Enterprise LAN Design :
LAN Media, Ethernet Design Rules, 100Mbps Fast Ethernet Design Rules, Gigabit Ethernet Design Rules, 1000BASE-LX Long-Wavelength Gigabit Ethernet, 1000BASE-SX Short-Wavelength Gigabit Ethernet, 1000BASE-CX Gigabit Ethernet over Coaxial Cable, 1000BASE-T Gigabit Ethernet over UTP 86, 10 Gigabit Ethernet Design Rules, 10GE Media Types, EtherChannel, Comparison of Campus Media LAN Hardware, Repeaters, Hubs, Bridges, Switches, Routers, Layer 3 Switches, Campus LAN Design and Best Practices Best Practices for Hierarchical Layers, Access Layer Best Practices, Distribution Layer Best Practices, Core Layer Best Practices, STP Design Considerations, STP Toolkit, PortFast, UplinkFast, BackboneFast, Loop Guard, Root Guard, BPDU Guard, BPDU Filter, VLAN and Trunk Considerations, Unidirectional Link Detection (UDLD) Protocol, Large-Building LANs, Enterprise Campus LANs, Edge Distribution, Medium-Size LANs, Small and Remote Site LANs, Server Farm Module, Server Connectivity Options, Enterprise Data Center Infrastructure, Campus LAN QoS Considerations, Multicast Traffic Considerations, CGMP, IGMP Snooping.
Data Center Design :
Enterprise DC Architecture, Data Center Foundation Components, Data Center Topology Components, Data Center Network Programmability, SDN, Controllers, APIs, ACI, Challenges in the DC, Data Center Facility Aspects, Data Center Space, Data Center Power, Data Center Cooling, Data Center Heat, Data Center Cabling, Enterprise DC Infrastructure, Data Center Storage, Data Center Reference Architecture, Defining the DC Access Layer, Defining the DC Aggregation Layer, Defining the DC Core Layer, Security in the DC, Fabric Extenders, Virtualization Overview, Challenges, Defining Virtualization and Benefits, Virtualization Risks, Types of Virtualization, Virtualization Technologies, VSS, VRF, vPC, Device Contexts, Server Virtualization, Server Scaling, Virtual Switching, Network Virtualization Design Considerations, Access Control, Path Isolation, Services Edge, Data Center Interconnect, DCI Use Cases, DCI Transport Options, DCI L2 Considerations, Load Balancing in the DC, Application Load Balancing, Network Load Balancing.
Wireless LAN Design :
Wireless LAN Technologies, WLAN Standards, ISM and UNII Frequencies, Summary of WLAN Standards, Service Set Identifier, WLAN Layer 2 Access Method, WLAN Security, Unauthorized Access, WLAN Security Design Approach, IEEE 802.1X-2001 Port-Based Authentication, Dynamic WEP Keys and LEAP, Controlling WLAN Access to Servers, WLAN Authentication, Authentication Options, WLAN Controller Components, WLC Interface Types, AP Controller Equipment Scaling, Roaming and Mobility Groups, Intracontroller Roaming, Layer 2 Intercontroller Roaming, Layer 3 Intercontroller Roaming, Mobility Groups, WLAN Design, Controller Redundancy Design: Deterministic vs. Dynamic, N+1 WLC Redundancy, N+N WLC Redundancy, N+N+1 WLC Redundancy, Radio Management and Radio Groups, RF Groups, RF Site Survey, Using EoIP Tunnels for Guest Services, Wireless Mesh for Outdoor Wireless, Mesh Design Recommendations, Campus Design Considerations, Power over Ethernet (PoE), Wireless and Quality of Service (QoS), Branch Design Considerations, Local MAC, REAP, Hybrid REAP, Branch Office Controller Options.
WAN Technologies and the Enterprise Edge :
WAN and Enterprise Edge Overview, Definition of WAN, WAN Edge Module, Enterprise Edge Modules, WAN Transport Technologies, ISDN, ISDN BRI Service, ISDN PRI Service, Digital Subscriber Line, Cable, Wireless, Frame Relay, Time-Division Multiplexing, Metro Ethernet, SONET/SDH, Multiprotocol Label Switching (MPLS), Dark Fiber, Dense Wavelength-Division Multiplexing, Ordering WAN Technology and Contracts, WAN and Edge Design Methodologies, Response Time, Throughput, Reliability, Bandwidth Considerations, WAN Link Categories, Optimizing Bandwidth Using QoS, Queuing, Traffic Shaping and Policing, Classification, Congestion Management, Priority Queuing, Custom Queuing, Weighted Fair Queuing, Class-Based Weighted Fair Queuing, Low-Latency Queuing, Traffic Shaping and Policing, Link Efficiency, Window Size, DMZ Connectivity, Segmenting DMZs, DMZ Services, Internet Connectivity, Centralized Internet (Branch) vs. Direct Internet (Branch), High Availability for the Internet Edge, VPN Network Design.
WAN Design :
Traditional WAN Technologies Hub-and-Spoke Topology Full-Mesh Topology Partial-Mesh Topology Point-to-Point Topology Remote Site Connectivity Enterprise VPN vs. Service Provider VPN Enterprise Managed VPN: IPsec IPsec Direct Encapsulation Generic Routing Encapsulation IPsec DMVPN IPsec Virtual Tunnel Interface Design GETVPN Service Provider–Managed Offerings ,Metro Ethernet Service Provider VPNs: L2 vs. L3 ,Virtual Private Wire Services VPWS L2 VPN Considerations ,Virtual Private LAN Services VPLS L2 VPN Considerations ,MPLS, MPLS Layer 3 Design Overview MPLS L3 VPN Considerations ,VPN Benefits WAN Backup Design WAN Backup over the Internet Enterprise WAN Architecture Cisco Enterprise MAN/WAN Enterprise WAN/MAN Architecture Comparison ,Enterprise WAN Components Comparing Hardware and Software Enterprise Branch Architecture Branch Design Branch Connectivity Redundancy for Branches Single WAN Carrier vs. Dual WAN Carriers Single MPLS Carrier Site ,Dual MPLS Carriers Hybrid WAN: L3 VPN with IPsec VPN ,Internet for Branches Flat Layer 2 vs. Collapsed Core ,Enterprise Branch Profiles Small Branch Design Medium Branch Design Large Branch Design Enterprise Teleworker Design ,ISRs for Teleworkers
Internet Protocol Version 4 Design,IPv4 Header ToS IPv4 Fragmentation IPv4 Addressing ,IPv4 Address Classes Class A Addresses Class B Addresses ,Class C Addresses Class D Addresses Class E Addresses ,IPv4 Address Types IPv4 Private Addresses NAT ,IPv4 Address Subnets Mask Nomenclature IP Address Subnet Design Example Determining the Network Portion of an IP Address Variable- Length Subnet Masks, Loopback Addresses IP Telephony Networks ,IPv4 Addressing Design Goal of IPv4 Address Design , Plan for Future Use of IPv4 Addresses , Performing Route Summarization , Plan for a Hierarchical IP Address Network , Private and Public IP Address and NAT Guidelines , Steps for Creating an IPv4 Address Plan Case Study: IP Address Subnet Allocation , Address Assignment and Name Resolution , Recommended Practices of IP Address Assignment , BOOTP DHCP DNS , Internet Protocol Version 6 Design, IPv6 Header IPv6 Address Representation IPv4-Compatible IPv6 Addresses IPv6 Prefix Representation IPv6 Address Scope Types and Address Allocations IPv6 Address Allocations IPv6 Unicast Address Global Unicast Addresses Link-Local Addresses , Unique Local IPv6 Address Global Aggregatable IPv6 Address , IPv4-Compatible IPv6 Address IPv6 Anycast Addresses , IPv6 Multicast Addresses IPv6 Mechanisms ICMPv6 , IPv6 Neighbor Discovery Protocol IPv6 Name Resolution , Path MTU Discovery IPv6 Address-Assignment Strategies , Manual Configuration SLAAC of Link-Local Address , SLAAC of Globally Unique IPv6 Address DHCPv6 , DHCPv6 Lite IPv6 Security IPv6 Routing Protocols RIPng OSPFv3 , BGP4 Multiprotocol Extensions (MP-BGP) for IPv6 , IPv6 Addressing Design , Planning for Addressing with IPv6 , Route Summarization with IPv6 IPv6 Private Addressing IPv6 for the Enterprise IPv6 Address Allocation , Partly Linked IPv4 Address into IPv6, Whole IPv4 Address Linked into IPv6 IPv6 Addresses Allocated Per Location and/or Type , IPv4-to-IPv6 Transition Mechanisms and Deployment Models , Dual-Stack Mechanism IPv6 over IPv4 Tunnels , Protocol Translation Mechanisms IPv6 Deployment Models , Dual-Stack Model Hybrid Model Service Block Model ,IPv6 Deployment Model Comparison IPv6 Comparison with IPv4 ,OSPF, BGP, Route Manipulation, and IP Multicast,OSPFv2 OSPFv2 Metric OSPFv2 Adjacencies and Hello Timers , OSPFv2 Areas OSPF Area Design Considerations OSPF Router Types OSPF DRs LSA Types Autonomous System External Path Types OSPF Stub Area Types Stub Areas Totally Stubby Areas , NSSAs Virtual Links OSPFv2 Router Authentication , OSPFv2 Summary OSPFv3 OSPFv3 Changes from OSPFv2, OSPFv3 Areas and Router Types OSPFv3 LSAs OSPFv3 Summary BGP BGP Neighbors eBGP iBGP Route Reflectors Confederations BGP Administrative Distance, BGP Attributes, Weight, and the BGP Decision Process BGP Path Attributes Next-Hop Attribute Local Preference Attribute Origin Attribute Autonomous System Path Attribute MED Attribute Community Attribute Atomic Aggregate and Aggregator Attributes Weight BGP Decision Process, BGP Summary, Route Manipulation PBR Route Summarization Route Redistribution Default Metric OSPF Redistribution Route Filtering Transit Traffic Routing Protocols on the Hierarchical Network Infrastructure IP Multicast Review, Multicast Addresses Layer 3 to Layer 2 Mapping IGMP, IGMPv1 IGMPv2 IGMPv3 CGMP IGMP Snooping, Sparse Versus Dense Multicast Multicast Source and Shared Trees PIM PIM-SM PIM DR Auto-RP PIMv2 Bootstrap Router, DVMRP IPv6 Multicast Addresses
Unit 5 : Managing Security
Network Security Overview Security Legislation Security Threats Reconnaissance and Port Scanning Vulnerability Scanners Unauthorized Access Security Risks Targets Loss of Availability Integrity Violations and Confidentiality Breaches , Security Policy and Process Security Policy Defined , Basic Approach of a Security Policy Purpose of Security Policies, Security Policy Components Risk Assessment , Risk Index Continuous Security Integrating Security Mechanisms into Network Design Trust and Identity Management , Trust Domains of Trust Identity Passwords Tokens Certificates , Network Access Control Secure Services Encryption Fundamentals Encryption Keys VPN Protocols , Transmission Confidentiality Data Integrity Threat Defense , Physical Security Infrastructure Protection Security Management Solutions Security Solution Network Security Platforms , Trust and Identity Technologies Firewall Fundamentals , Types of Firewalls Next-Gen Firewalls NAT Placement , Firewall Guidelines Firewall ACLs , Identity and Access Control Deployments Detecting and Mitigating Threats IPS/IDS Fundamentals IPS/IDS Guidelines , Threat Detection and Mitigation Technologies , Threat- Detection and Threat-Mitigation Solutions , FirePOWER IPS Security Management Applications , Security Platform Solutions Security Management Network Integrating Security into Network Devices IOS Security, ISR G2 Security Hardware Options Securing the Enterprise, Implementing Security in the Campus Implementing Security in the Data Center Implementing Security in the Enterprise Edge Network Management Protocols, Simple Network Management Protocol SNMP Components, MIB SNMP Message Versions SNMPv1 SNMPv2 SNMPv3, Other Network Management Technologies RMON, RMON2 NetFlow Compared to RMON and SNMP, CDP LLDP Syslog
- 1. Configuring OSPF – I
- Single-Area OSPF Link Costs and Interface Priorities
- Multi-Area OSPF with Stub Areas and Authentication
- 2. Configuring OSPF – II
- OSPF Virtual Links and Area Summarization
- OSPF over Frame Relay
- 3. Redistribution and Administrative Distances
- Redistribution Between RIP and OSPF
- Manipulating Administrative Distances
- 4. BGP
- Configuring BGP with Default Routing
- Using the AS_PATH Attribute
- BGP Route Reflectors and Route Filters
- 5. IPv6
- Configuring OSPF for IPv6
- Configuring 6to4 Tunnels
- 6. VLANs and EtherChannel
- Static VLANS, VLAN Trunking, and VTP Domains and Modes
- Configuring EtherChannel
- 7. Spanning Tree Protocol
- Spanning Tree Protocol (STP) Default Behavior
- Modifying Default Spanning Tree Behavior
- 8. VLAN and Spanning Tree
- Per-VLAN Spanning Tree Behavior
- Multiple Spanning Tree
- 9. Internal VLAN Routing
- Inter-VLAN Routing with an External Router
- Inter-VLAN Routing with an Internal Route Processor
- 10. Configure NAT Services