> > > SWITCH Detaillierte Beschreibung

Implementing Cisco IP Switched Networks (SWITCH)

Kursbeschreibung Kurstermine Detaillierter Kursinhalt

Detaillierter Kursinhalt

Module 1: Analyzing Campus Network Designs Analyze campus network designs

Lesson 1: Enterprise Campus Architecture This lesson defines how to describe the Cisco Enterprise Campus Architecture. Upon completing this lesson, the student will be able to meet these objectives:

  • Describe Cisco SONA
  • Evaluate the benefits of the enterprise campus architecture
  • Determine the function of the core layer
  • Evaluate the impact of traffic types on the network infrastructure

Lesson 2: Cisco Lifecycle Services and Network Implementation This lesson defines how to design and implement a network using the Cisco Lifecycle Services approach. Upon completing this lesson, the student will be able to meet these objectives:

  • Describe the PPDIOO life-cycle approach
  • Describe PPDIOO implementation planning

Lab 1-1: New Hire Test

Lesson 3: Lab 1-1 Debrief These are the objectives for this debrief:

  • Review and verify your solution, as well as your findings and action log, against a set of checkpoints provided by the instructor
  • Consolidate the lessons learned during the review discussions into a set of best practice methods and commands to aid you in future deployment procedures

Module 2: Implementing VLANs in Campus Networks Implement VLANs in campus networks Lesson 1: Applying Best Practices for VLAN Topologies This lesson defines how to plan, implement, and verify VLAN technologies, trunks, and addressing schemes to meet given business and technical requirements and constraints

  • Describe the different VLAN segmentation models
  • Given an enterprise VLAN network design, describe the information needed to create an implementation plan, identify the choices that need to be made, and analyze the consequences of those choices
  • Given an enterprise VLAN network design that contains end-to-end VLANs and trunks, create an implementation and verification plan; then successfully execute that plan
  • Given an enterprise VLAN network design that contains VTP, create an implementation and verification plan; then successfully execute that plan

Lesson 2: Configuring Private VLANs This lesson defines how to configure and verify private VLANs

  • Describe PVLANs
  • Configure isolated PVLANs
  • Configure community PVLANs
  • Given an enterprise VLAN network design that contains PVLANs, create an
  • implementation and verification plan; then successfully execute that plan
  • Configure PVLANs across multiple switches

Lesson 3: Configuring Link Aggregation with EtherChannel This lesson defines how to configure and verify link aggregation with EtherChannel

  • Understand the benefits of EtherChannel
  • Compare the PAgP and the LACP
  • Given an enterprise VLAN network design that contains Layer 2 EtherChannel links, create an implementation and verification plan; then successfully execute that plan
  • Given an enterprise VLAN network design that contains load balancing among the ports included in an EtherChannel, create an implementation and verification plan; then successfully execute that plan

Lab 2-1: Design and Implement VLANs, Trunks, and EtherChannel

Lesson 4: Lab 2-1 Debrief

  • Discuss lab results

Lab 2-2: Troubleshoot Common VLAN Configuration and Security Issues

Lesson 5: Lab 2-2 Debrief

  • Discuss lab results

Lab 2-3: Configure Private VLANs

Lesson 6: Lab 2-3 Debrief

  • Discuss lab results

Module 3: Implementing Spanning Tree Implement spanning tree in a campus network Lesson 1: Spanning Tree Protocol Enhancements This lesson defines how to configure and verify PVRST+ and MSTP in a Layer 2 topology that contains bridging loops

  • Describe the various STP standards
  • Describe STP operations
  • Implement and configure PVRST+
  • Understand RSTP port roles
  • Verify RSTP configurations
  • Describe MSTP
  • Implement and configure MSTP

Lesson 2: Describing STP Stability Mechanisms This lesson defines how to configure and verify STP stability

  • Protect the operation of STP
  • Configure BPDUGuard
  • Configure BPDUFilter
  • Configure RootGuard
  • Configure LoopGuard
  • Configure UDLD to detect and shut down unidirectional links
  • Optimize STP operations by using the right combination of STP stability features

Lab 3-1: Implement Multiple Spanning Tree

Lesson 3: Lab 3-1 Debrief

  • Discuss lab results

Lab 3-2: Implement PVSRT+

Lesson 4: Lab 3-2 Debrief

  • Discuss lab results

Lab 3-3: Troubleshoot Spanning Tree Issues Lesson 5: Lab 3-2 Debrief

  • Discuss lab results

Module 4: Implementing Inter-VLAN Routing Implement inter-VLAN routing, using each of three methods Lesson 1: Describing Routing Between VLANs This lesson defines how to configure and verify inter-VLAN routing in a Layer 2 topology using an external router, a switch SVI, or a switch-routed interface

  • Configure both a switch and router to accommodate inter-VLAN packet transfer using an external router
  • Describe a Layer 3 SVI
  • Understand commands that are used to configure an SVI
  • Describe a routed port on a multilayer switch
  • Understand commands that are used to configure a routed port on a multilayer switch
  • Configure Layer 3 EtherChannel links
  • Configure inter-VLAN routing on a multilayer switch
  • Configure DHCP services on a Layer 3 switch

Lesson 2: Deploying Multilayer Switching with Cisco Express Forwarding This lesson defines how to configure and verify inter-VLAN routing in a Layer 2 topology using multilayer switching with Cisco Express Forwarding

  • Understand the process of multilayer switching, and how it differs when you are performing Layer 2 versus Layer 3 switching
  • Understand the packet and frame header rewriting that is performed by a multilayer switch
  • Explain Layer 3 switch processing
  • Describe the various switching methods that are available on a Cisco switch
  • Describe and configure Cisco Express Forwarding on a Cisco switch

Lab 4-1: Implement Inter-VLAN Routing

Lesson 3: Lab 4-1 Debrief

  • Discuss lab results

Lab 4-2 Troubleshoot Inter-VLAN Routing

Lesson 4: Lab 4-2 Debrief

  • Discuss lab results

Module 5: Implementing a Highly Available Network Implement a high availability network

Lesson 1: Understanding High Availability This lesson defines how to understand the concept of high availability, resiliency, and redundancy

  • Evaluate the uses, requirements, benefits, and performance expectations of high availability in a given enterprise network design
  • Describe resiliency for high availability
  • Design the network for optimal redundancy

Lesson 2: Implementing High Availability This lesson defines how to implement the identified high-availability solution

  • Implement high availability at the switch level
  • Use Cisco StackWise technology on access switches
  • Evaluate the impact of too little redundancy
  • Assess the impact of uplink failure

Lesson 3: Implementing Network Monitoring This lesson defines how to implement solutions using Cisco IOS IP service level agreements to monitor the state of internetworking devices and their network connection, and use reporting mechanism to centralize the collected information

  • Implement network monitoringConfigure IP SLA technology

Lab 5-1: Implement High Availability in a Network Design

Lesson 4: Lab 5-1 Debrief

  • Discuss lab results

Module 6: Implementing Layer 3 High Availability Configure and optimize HSRP to provide Layer 3 redundancy to network hosts Lesson 1: Configuring Layer 3 Redundancy with HSRP This lesson defines how to configure and verify an HSRP implementation

  • Describe routing issuesIdentify the router redundancy process
  • Configure HSRP operations
  • Describe and fine-tune HSRP Troubleshoot HSRP

Lesson 2: Configuring Layer 3 Redundancy with VRRP and GLBP This lesson defines how to configure Layer 3 redundancy with VRRP and GLBP

  • Describe VRRPIdentify the VRRP operations process
  • Configure VRRP
  • Describe GLBP
  • Identify the GLBP operations process
  • Configure GLBP

Lab 6-1: Implement and Tune HSRP

Lesson 3: Lab 6-1 Debrief

  • Discuss lab results

Lab 6-2: Implement VRRP Lesson 4: Lab 6-2 Debrief

  • Discuss lab results

Module 7: Minimizing Service Loss and Data Theft in a Campus Network Implement security precautions to mitigate vulnerabilities and threats in VLANs

Lesson 1: Understanding Switch Security Issues This lesson defines how to identify attacks and threats to switches and how to guard against them

  • Describe switch and Layer 2 security as a subset of an overall network security plan
  • Describe how a rogue device gains unauthorized access to a network
  • Categorize switch attack types and list mitigation options
  • Describe how a MAC flooding attack works to overflow a CAM Campus Backbone Layer table
  • Describe how port security is used to block input from devices based on Layer 2 restrictions
  • Describe the procedure for configuring port security on a switch
  • Describe the methods that can be used for authentication using AAA
  • Describe port-based authentication using 802.1X

Lesson 2: Protecting Against VLAN Attacks This lesson defines how to configure close control of trunk links to mitigate VLAN hopping attacks and VLAN access control lists (VACLs) to filter traffic within a VLAN

  • Describe how VLAN hopping occurs and why it is a security vulnerability
  • Explain the procedure for configuring a switch to mitigate VLAN hopping attacks
  • Describe VACLs and their purpose as part of VLAN security
  • Explain the procedure for configuring VACLs

Lesson 3: Protecting Against Spoofing Attacks This lesson defines how to configure switches to guard against DHCP, MAC, and ARP threats

  • Identify DHCP spoofing attacks
  • Prevent attacks using DHCP snooping
  • Configure DHCP snooping
  • Describe ARP poisoning
  • Protect against ARP spoofing attacks with DAI

Lesson 4: Securing Network Services This lesson defines how to secure Layer 2 devices by protecting physical and virtual ports, disabling unneeded services, forcing the encryption of sessions, and enabling logging at the device level

  • Identify Cisco Discovery Protocol and LLDP vulnerabilities
  • Identify Telnet protocol vulnerabilities
  • Configure SSH
  • Configure vty ACLs
  • Configure Cisco IOS secure HTTP server
  • Understand switch security considerations

Lab 7-1: Secure Network Switches to Mitigate Security Attacks

Lesson 5: Lab 7-1 Debrief

  • Discuss lab results

Module 8: Accommodating Voice and Video in Campus Networks Accommodate voice and video in campus networks Lesson 1: Planning for Support of Voice in a Campus Network This lesson defines how to describe the best practices for implementing voice in a campus network. Upon completing this lesson, the student will be able to meet these objectives:

  • Discuss the components of a VoIP network and the components of IP telephony
  • Compare the uniform bandwidth consumption of voice traffic to the intermittent bandwidth consumption of data traffic
  • Compare video bandwidth consumption to voice and data bandwidth consumption based on video application types
  • Identify a solution for latency, jitter, bandwidth, packet loss, reliability, and security for voice and video traffic integration into a data network

Lesson 2: Integrating and Verifying VoIP in a Campus Infrastructure This lesson defines how to integrate VoIP in a campus infrastructure and verify its integration. Upon completing this lesson, the student will be able to meet these objectives:

  • Plan for VoIP requirements
  • Describe Voice VLANs
  • Configure and Verify Voice VLANs
  • Plan PoE requirements and configure PoE
  • Provide additional services required by VoIP devices
  • Create a Test Plan for VoIP integration

Lesson 3: Working with Specialists to Accommodate Voice and Video on Campus Switches This lesson defines how to plan integration of VoIP and video traffic into a data network based on input from voice and video specialists. Upon completing this lesson, the student will be able to meet these objectives:

  • Describe high availability applied to VoIP or video traffic
  • Build an integrated voice/video/data campus network
  • Explain the need for QoS for VoIP and video integration
  • Configure basic QoS for voice and video VLANs

Lab 8-1: Plan Implementation and Verification of VoIP in a Campus Network

Lesson 4: Lab 8-1 Debrief

  • Discuss lab results

Module 9: Integrating Wireless LANs into a Campus Network Prepare campus networks for the integration of wireless LANs Lesson 1: Comparing WLANs with Campus Networks This lesson defines how to compare the topologies and equipment of WLANs with those of wired campus networks

  • Describe WLANs
  • Compare wired and wireless LAN
  • Describe main wireless LAN topologies
  • Describe the settings specific to WLANs, such as SSIDs, and WLAN-to-VLAN mapping

Lesson 2: Assessing the Impact of WLANs on Campus Networks This lesson defines how to assess the impact of WLANs on campus infrastructure operations

  • Describe WLAN implementations
  • Compare WLAN solutions
  • Assess traffic flow in an autonomous AP configuration and its impact on the campus LAN
  • Assess traffic flow in an controller-based configuration and its impact on the campus LAN

Lesson 3: Preparing the Campus Infrastructure for WLANs This lesson defines how to create implementation and verification plans for preparing infrastructure devices to integrate WLANs, and how to configure the campus network accordingly

  • Decide on the best placement for APs and controllers
  • Configure switches for WLAN devices
  • Gather WLAN requirements
  • Plan WLAN integration
  • Create a test plan

Lab 9-1: Integrate Wireless in the Campus

Lesson 4: Lab 9-1 Debrief

  • Discuss lab results