
Technology combined training.
We are announcing the Cisco ISE & Internet Edge 4 Days accelerated workshop. This is one-time training & the only one in the market. This is combined training for those who want to improve Cisco ISE troubleshooting and configuration skills as well as get familiar with BGP routing for Enterprise WAN & Internet Edge. While it might seem that we are mixing the security & RS areas, we receive many requests from industry regarding combined technology training. Why they ask about such apporach? Many enterprise network administrators face the wide scope of technology in everyday work covering Routing, Siwtching, LAN Security, VPN, WAN, Internet Edge thus spending 4 – 5 Days of training on only one product or technology area could be not affordable in terms of time and bugdet. Providing accelareated Cisco ISE & Enterprise BGP we cover many necessary aspects of Infrastructure access and BGP routing subjects.
What you will learn and lab during these 4 intensive days?
ISE SCOPE:
- ISE as a part of Cisco TrustSec
- ISE Architecture: nodes, functions, personas
- Deployment options
- Scaling Cisco ISE, resources estimation
- NAD, client and ISE traffic flow
- 802.1X concepts (EAP protocols)
- Cisco Switch configuration as a NAD
- Cisco WLC configuration as a NAD
- Cisco ASA configuration as a NAD
- Testing ISE and NAD connections
- Cisco ISE authentication process (AuthC)
- Authentication Conditions
- Authentication Profiles
- Internal and External Identity Sources
- Identity Sources Sequences
- Cisco ISE authorization process (AuthZ)
- Authorization Conditions
- Authorization Profiles
- Guest access design (PSN behavior, session stickiness, certificates)
- Guest portal configuration
- Authentication and Authorization
- Identity source sequence and authentication options
- Sponsor Portal
- Sponsor Authentication Sequence
- Sponsor role based operations
- Configuring profiling service
- Verify profiling
- Dual and Single SSID provisioning
- On-boarding behavior setup
- Certificate profiles preparation
- Onboarding verification
BGP SCOPE:
BGP Overview
- BGP protocol
- Applications – Service Provider, Enterprise environments
- Architecture – Autonomous System, BGP Policy Engines
- iBGP and eBGP comparison and behavior, timers
- Control Plane and Forwarding Plane
- The BGP RIP, IP RIB, FIB roles
- BGP Attributes
- Path decision process
- BGP session establishment and capabilities (MP-BGP)
Lab Topology overview
- Physical and logical topology description
Basic topology setup
- LAB1: Sites addressing, interfaces setup
- LAB2: BGP basic configuration and session establishment
- LAB3: Prefix exchange, IP RIB, BGP RIB, FIB
- LAB4: BGP Attributes review, Next Hop verification
Policy control techniques
- Policy control usage – Filter lists
- Prefix lists
- LAB 5: Prefix list configuration
- AS_PATH lists
- LAB 6: AS_PATH list configuration
- Community lists
- LAB 7: AS_PATH list configuration
- Route Maps
- LAB 8: Route Maps configuration
- Policy Lists
- LAB 9: Policy lists configuration
- BGP filtering process order
- LAB 10: Scenario 1 – basic outbound and inbound filtering task
BGP – IGP interaction
- Need for IGP and BGP exchange
- Redistribute and network commands behavior
- LAB 11: Configuring basic OSPF and route redistribution between processes
BGP in Enterprise Internet Edge
- Internet connectivity in Enterprise, why BGP?
- Default or Full Feed, memory estimation
- Multihoming
- Stub Multihoming single and multiple Border Routers
- Standard Multihoming
- LAB 12: Multihomed network setup
- Inbound filtering best practice
- Outbound filtering best practice
- LAB 13: Filtering in Multihomed Network
- Load Balancing
- LAB 14: Load Balancing configuration
- eBGP Multihop solution
- LAB 15: Multhihop session configuration
- Securing BGP sessions
- LAB 16: Session security session configuration
- LAB 17: BGP on the edge troubleshooting and task solving
Who will lead the Cisco ISE training?
Training will be conducted by Marcin Biały , passionate instructor, engineer and architect who has over 12 large scale and several smaller projects implementations of Cisco ISE from (1.1 to 2.2) and used to work with biggest service providers and enterprise customers building BGP based architectures. Marcin helps organisations of various sizes to harden, transform and build scalable efficient enterprise networks.
I will love to attend this training and will be glad if I can get any information that will allow me to join this training.
Please contact us at sales@grandmetric.com