Software Defined Access and ISE Integration for Policy Deployment and Enforcement


Introduction

There are many challenges today in managing the network because of manual configuration and fragmented tool offerings. Manual operations are slow and error-prone and these issues will be exacerbated due to the constantly changing environment with more users, devices, and applications. With the growth of users and different device types coming into the network, it is more complex to configure user credentials and maintain a consistent policy across the network. If your policy is not consistent, there is the added complexity of maintaining separate policies between wired and wireless. As users move around the network, it also becomes difficult to locate users and troubleshoot issues. The bottom line is that the networks of today do not address today's network needs.

 Software-Defined Access (SD-Access) is the industry's first intent-based networking solution for the Enterprise build on the principles of Cisco's Digital Network Architecture (DNA). SD-Access provides automated end-to-end segmentation to separate user, device, and application traffic without redesigning the network. SD-Access automates user access policy so organizations can make sure the right policies are established for any user or device with any application across the network. This is accomplished with a single network fabric across LAN and WLAN which creates a consistent user experience anywhere without compromising on security.

Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Know and understand Cisco's SD-Access concepts, features, benefits, terminology along with the way this approach innovates common administrative tasks on today's networks
  • Differentiate and explain each of the building blocks of SD-Access Solution
  • Explain the concept of "Fabric" and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Border Nodes)
  • Describe the role of LISP in Control Plane and VXLAn in Data Plane for SD-Access Solution
  • Understand TrustSec concepts, deployment details and the way TrustSec is used as part of SD-Access Solution for segmentation and Policy Enforcement
  • Understand the role of DNA Center as solution orchestrator and Intelligent GUI
  • Be familiar with workflow approach in DNA Center and its Four Steps:  Design, Policy, Provision, and Assurance
  • Explain the role that ISE and NDP play as part of the solution
  • Configure AAA services and TrustSec Policy in ISE
  • Integrate ISE with DNA Center for Policy enforcement

Target Audience

The primary audience for this course is as follows:

Anyone interested in knowing about SD-Access

Personnel involved in SD-Access Design and Implementation

Network Operations teams with SD-Access solution.

Prerequisites

The knowledge and skills that a student must have before attending this course are as follows:

  • Knowledge level equivalent to Cisco CCNA Routing & Switching
  • Basic knowledge of Software Defined Networks
  • Basic knowledge of network security including AAA, Access Control, and ISE
  • Basic knowledge and experience with Cisco IOS, IOS XE, and CLI

On-Site Training

If you need training for three or more people, ask us about training at your site. You can enjoy the convenience of reduced travel cost and time, as well as a familiar environment for your staff. Additionally, we can customise the course for your business needs.




User Reviews

Not yet rated. You will need to follow this course before you can write a review.

Course Info


Schedule

  • Sydney
  • 30/10/2019 - 1/11/2019

Next Step

Book Course Now
Enquire Now
Tell a Friend
Email Course Outline