Course Description
Implementing Cisco Switched Networks (SWITCH) v1.0 is a five-day
instructor-led training course, designed to help you prepare to plan,
configure and verify the implementation of complex enterprise switching
solutions for campus environments using the Cisco Enterprise Campus
Architecture. These skills are validated in the Cisco CCNP Routing and
Switching certification, a professional-level certification specializing
in the routing and switching field.
This course is a component of the Cisco CCNP Routing and Switching
curriculum. This course is designed to give you a firm understanding of
how to manage switches in an enterprise campus environment. This
training class reinforces the instruction by providing you with hands-on
labs.
Who should attend
This course is primarily intended for:
- Network professionals who will need to correctly implement
switch-based solutions given a network design using Cisco IOS services
and features
- Network Engineers
- Network Operations Center (NOC) technical support personnel
- Help Desk Technicians
Others who would find this course useful include:
- Any individual involved in network operations and support
Certifications
This course is part of the following Certifications:
- Cisco Certified Design Professional (CCDP)
- CCIE Routing & Switching (CCIERS Routing & Switching)
- Cisco Certified Design Expert (CCDE)
- CCIE Security (CCIES Security)
- Cisco Certified Network Professional (CCNP)
Prerequisites
The knowledge and skills you must have before attending this course are as follows:
- Knowledge and experience equivalent to having attended the
Interconnecting Cisco Networking Devices Part 1 (ICND1) and
Interconnecting Cisco Networking Devices Part 2 (ICND2) courses
Course Objectives
Upon completing this course, you will be able to:
- Analyze campus network designs
- Implement VLANs in a network campus
- Implement spanning tree
- Implement inter-VLAN routing in a campus network
- Implement a highly available network
- Implement high-availability technologies and techniques using multilayer switches in a campus environment
- Implement security features in a switched network
- Integrate WLANs into a campus network
- Accommodate voice and video in campus networks
Detailed Course Outline
Module 1: Analyzing Campus Network Designs Analyze campus network designs
Lesson 1: Enterprise Campus Architecture This lesson defines how to describe the Cisco Enterprise Campus Architecture. Upon completing this lesson, you will be able to:
- Describe Cisco SONA
- Evaluate the benefits of the enterprise campus architecture
- Determine the function of the core layer
- Evaluate the impact of traffic types on the network infrastructure
Lesson 2: Cisco Lifecycle Services and Network Implementation
This lesson defines how to design and implement a network using the
Cisco Lifecycle Services approach. Upon completing this lesson, you will
be able to:
- Describe the PPDIOO life-cycle approach
- Describe PPDIOO implementation planning
Lab 1-1: New Hire Test
Lesson 3: Lab 1-1 Debrief These are the objectives for this debrief:
- Review and verify your solution, as well as your findings and action
log, against a set of checkpoints provided by the instructor
- Consolidate the lessons learned during the review discussions into a
set of best practice methods and commands to aid you in future
deployment procedures
Module 2: Implementing VLANs in Campus Networks Implement VLANs in campus networks
Lesson 1: Applying Best Practices for VLAN Topologies
This lesson defines how to plan, implement, and verify VLAN
technologies, trunks, and addressing schemes to meet given business and
technical requirements and constraints
- Describe the different VLAN segmentation models
- Given an enterprise VLAN network design, describe the information
needed to create an implementation plan, identify the choices that need
to be made, and analyze the consequences of those choices
- Given an enterprise VLAN network design that contains end-to-end
VLANs and trunks, create an implementation and verification plan; then
successfully execute that plan
- Given an enterprise VLAN network design that contains VTP, create an
implementation and verification plan; then successfully execute that
plan
Lesson 2: Configuring Private VLANs This lesson defines how to configure and verify private VLANs
- Describe PVLANs
- Configure isolated PVLANs
- Configure community PVLANs
- Given an enterprise VLAN network design that contains PVLANs, create an
- implementation and verification plan; then successfully execute that plan
- Configure PVLANs across multiple switches
Lesson 3: Configuring Link Aggregation with EtherChannel This lesson defines how to configure and verify link aggregation with EtherChannel
- Understand the benefits of EtherChannel
- Compare the PAgP and the LACP
- Given an enterprise VLAN network design that contains Layer 2
EtherChannel links, create an implementation and verification plan; then
successfully execute that plan
- Given an enterprise VLAN network design that contains load balancing
among the ports included in an EtherChannel, create an implementation
and verification plan; then successfully execute that plan
Lab 2-1: Design and Implement VLANs, Trunks, and EtherChannel
Lesson 4: Lab 2-1 Debrief
Lab 2-2: Troubleshoot Common VLAN Configuration and Security Issues
Lesson 5: Lab 2-2 Debrief
Lab 2-3: Configure Private VLANs
Lesson 6: Lab 2-3 Debrief
Module 3: Implementing Spanning Tree Implement spanning tree in a campus network
Lesson 1: Spanning Tree Protocol Enhancements This lesson defines how to configure and verify PVRST+ and MSTP in a Layer 2 topology that contains bridging loops
- Describe the various STP standards
- Describe STP operations
- Implement and configure PVRST+
- Understand RSTP port roles
- Verify RSTP configurations
- Describe MSTP
- Implement and configure MSTP
Lesson 2: Describing STP Stability Mechanisms This lesson defines how to configure and verify STP stability
- Protect the operation of STP
- Configure BPDUGuard
- Configure BPDUFilter
- Configure RootGuard
- Configure LoopGuard
- Configure UDLD to detect and shut down unidirectional links
- Optimize STP operations by using the right combination of STP stability features
Lab 3-1: Implement Multiple Spanning Tree
Lesson 3: Lab 3-1 Debrief
Lab 3-2: Implement PVSRT+
Lesson 4: Lab 3-2 Debrief
Lab 3-3: Troubleshoot Spanning Tree Issues Lesson 5: Lab 3-2 Debrief
Module 4: Implementing Inter-VLAN Routing Implement inter-VLAN routing, using each of three methods
Lesson 1: Describing Routing Between VLANs This
lesson defines how to configure and verify inter-VLAN routing in a Layer
2 topology using an external router, a switch SVI, or a switch-routed
interface
- Configure both a switch and router to accommodate inter-VLAN packet transfer using an external router
- Describe a Layer 3 SVI
- Understand commands that are used to configure an SVI
- Describe a routed port on a multilayer switch
- Understand commands that are used to configure a routed port on a multilayer switch
- Configure Layer 3 EtherChannel links
- Configure inter-VLAN routing on a multilayer switch
- Configure DHCP services on a Layer 3 switch
Lesson 2: Deploying Multilayer Switching with Cisco Express Forwarding
This lesson defines how to configure and verify inter-VLAN routing in a
Layer 2 topology using multilayer switching with Cisco Express
Forwarding
- Understand the process of multilayer switching, and how it differs when you are performing Layer 2 versus Layer 3 switching
- Understand the packet and frame header rewriting that is performed by a multilayer switch
- Explain Layer 3 switch processing
- Describe the various switching methods that are available on a Cisco switch
- Describe and configure Cisco Express Forwarding on a Cisco switch
Lab 4-1: Implement Inter-VLAN Routing
Lesson 3: Lab 4-1 Debrief
Lab 4-2 Troubleshoot Inter-VLAN Routing
Lesson 4: Lab 4-2 Debrief
Module 5: Implementing a Highly Available Network Implement a high availability network
Lesson 1: Understanding High Availability This lesson defines how to understand the concept of high availability, resiliency, and redundancy
- Evaluate the uses, requirements, benefits, and performance
expectations of high availability in a given enterprise network design
- Describe resiliency for high availability
- Design the network for optimal redundancy
Lesson 2: Implementing High Availability This lesson defines how to implement the identified high-availability solution
- Implement high availability at the switch level
- Use Cisco StackWise technology on access switches
- Evaluate the impact of too little redundancy
- Assess the impact of uplink failure
Lesson 3: Implementing Network Monitoring This
lesson defines how to implement solutions using Cisco IOS IP service
level agreements to monitor the state of internetworking devices and
their network connection, and use reporting mechanism to centralize the
collected information
- Implement network monitoringConfigure IP SLA technology
Lab 5-1: Implement High Availability in a Network Design
Lesson 4: Lab 5-1 Debrief
Module 6: Implementing Layer 3 High Availability Configure and optimize HSRP to provide Layer 3 redundancy to network hosts
Lesson 1: Configuring Layer 3 Redundancy with HSRP This lesson defines how to configure and verify an HSRP implementation
- Describe routing issuesIdentify the router redundancy process
- Configure HSRP operations
- Describe and fine-tune HSRP Troubleshoot HSRP
Lesson 2: Configuring Layer 3 Redundancy with VRRP and GLBP This lesson defines how to configure Layer 3 redundancy with VRRP and GLBP
- Describe VRRPIdentify the VRRP operations process
- Configure VRRP
- Describe GLBP
- Identify the GLBP operations process
- Configure GLBP
Lab 6-1: Implement and Tune HSRP
Lesson 3: Lab 6-1 Debrief
Lab 6-2: Implement VRRP Lesson 4: Lab 6-2 Debrief
Module 7: Minimizing Service Loss and Data Theft in a Campus Network Implement security precautions to mitigate vulnerabilities and threats in VLANs
Lesson 1: Understanding Switch Security Issues This lesson defines how to identify attacks and threats to switches and how to guard against them
- Describe switch and Layer 2 security as a subset of an overall network security plan
- Describe how a rogue device gains unauthorized access to a network
- Categorize switch attack types and list mitigation options
- Describe how a MAC flooding attack works to overflow a CAM Campus Backbone Layer table
- Describe how port security is used to block input from devices based on Layer 2 restrictions
- Describe the procedure for configuring port security on a switch
- Describe the methods that can be used for authentication using AAA
- Describe port-based authentication using 802.1X
Lesson 2: Protecting Against VLAN Attacks This
lesson defines how to configure close control of trunk links to mitigate
VLAN hopping attacks and VLAN access control lists (VACLs) to filter
traffic within a VLAN
- Describe how VLAN hopping occurs and why it is a security vulnerability
- Explain the procedure for configuring a switch to mitigate VLAN hopping attacks
- Describe VACLs and their purpose as part of VLAN security
- Explain the procedure for configuring VACLs
Lesson 3: Protecting Against Spoofing Attacks This lesson defines how to configure switches to guard against DHCP, MAC, and ARP threats
- Identify DHCP spoofing attacks
- Prevent attacks using DHCP snooping
- Configure DHCP snooping
- Describe ARP poisoning
- Protect against ARP spoofing attacks with DAI
Lesson 4: Securing Network Services This lesson
defines how to secure Layer 2 devices by protecting physical and virtual
ports, disabling unneeded services, forcing the encryption of sessions,
and enabling logging at the device level
- Identify Cisco Discovery Protocol and LLDP vulnerabilities
- Identify Telnet protocol vulnerabilities
- Configure SSH
- Configure vty ACLs
- Configure Cisco IOS secure HTTP server
- Understand switch security considerations
Lab 7-1: Secure Network Switches to Mitigate Security Attacks
Lesson 5: Lab 7-1 Debrief
Module 8: Accommodating Voice and Video in Campus Networks Accommodate voice and video in campus networks
Lesson 1: Planning for Support of Voice in a Campus Network
This lesson defines how to describe the best practices for implementing
voice in a campus network. Upon completing this lesson, you will be
able to:
- Discuss the components of a VoIP network and the components of IP telephony
- Compare the uniform bandwidth consumption of voice traffic to the intermittent bandwidth consumption of data traffic
- Compare video bandwidth consumption to voice and data bandwidth consumption based on video application types
- Identify a solution for latency, jitter, bandwidth, packet loss,
reliability, and security for voice and video traffic integration into a
data network
Lesson 2: Integrating and Verifying VoIP in a Campus Infrastructure
This lesson defines how to integrate VoIP in a campus infrastructure
and verify its integration. Upon completing this lesson, you will be
able to:
- Plan for VoIP requirements
- Describe Voice VLANs
- Configure and Verify Voice VLANs
- Plan PoE requirements and configure PoE
- Provide additional services required by VoIP devices
- Create a Test Plan for VoIP integration
Lesson 3: Working with Specialists to Accommodate Voice and Video on Campus Switches
This lesson defines how to plan integration of VoIP and video traffic
into a data network based on input from voice and video specialists.
Upon completing this lesson, you will be able to:
- Describe high availability applied to VoIP or video traffic
- Build an integrated voice/video/data campus network
- Explain the need for QoS for VoIP and video integration
- Configure basic QoS for voice and video VLANs
Lab 8-1: Plan Implementation and Verification of VoIP in a Campus Network
Lesson 4: Lab 8-1 Debrief
Module 9: Integrating Wireless LANs into a Campus Network Prepare campus networks for the integration of wireless LANs Lesson 1: Comparing WLANs with Campus Networks This lesson defines how to compare the topologies and equipment of WLANs with those of wired campus networks
- Describe WLANs
- Compare wired and wireless LAN
- Describe main wireless LAN topologies
- Describe the settings specific to WLANs, such as SSIDs, and WLAN-to-VLAN mapping
Lesson 2: Assessing the Impact of WLANs on Campus Networks This lesson defines how to assess the impact of WLANs on campus infrastructure operations
- Describe WLAN implementations
- Compare WLAN solutions
- Assess traffic flow in an autonomous AP configuration and its impact on the campus LAN
- Assess traffic flow in an controller-based configuration and its impact on the campus LAN
Lesson 3: Preparing the Campus Infrastructure for WLANs
This lesson defines how to create implementation and verification plans
for preparing infrastructure devices to integrate WLANs, and how to
configure the campus network accordingly
- Decide on the best placement for APs and controllers
- Configure switches for WLAN devices
- Gather WLAN requirements
- Plan WLAN integration
- Create a test plan
Lab 9-1: Integrate Wireless in the Campus
Lesson 4: Lab 9-1 Debrief
Agenda
Analyzing Campus Network Designs
- Enterprise Campus Architecture
- Cisco Lifecycle Services and Network Implementation
- Lab 1-1: New Hire Test
- Lab 1-1 Debrief
Implementing VLANs in Campus Networks
- Applying Best Practices for VLAN Topologies
- Configuring Private VLANs
- Configuring Link Aggregation with EtherChannel
- Lab 2-1: Design and Implement VLANs, Trunks, and EtherChannel
- Lab 2-1 Debrief
- Lab 2-2: Troubleshoot Common VLAN Configuration and Security Issues
- Lab 2-2 Debrief
- Configure Private VLANs
- Lab 2-3 Debrief
Implementing Spanning Tree
- Spanning Tree Protocol Enhancements
- Describing STP Stability Mechanisms
- Lab 3-1: Implement Multiple Spanning Tree
- Lab 3-1 Debrief
- Lab 3-2: Implement PVSRT+
- Lab 3-2 Debrief
- Lab 3-3: Troubleshoot Spanning Tree Issues Lesson 5: Lab 3-2 Debrief
Implementing Inter-VLAN Routing
- Describing Routing Between VLANs
- Deploying Multilayer Switching with Cisco Express Forwarding
- Lab 4-1: Implement Inter-VLAN Routing
- Lab 4-1 Debrief
- Lab 4-2 Troubleshoot Inter-VLAN Routing
- Lab 4-2 Debrief
Implementing a Highly Available Network
- Understanding High Availability
- Implementing High Availability
- Implementing Network Monitoring
- Lab 5-1: Implement High Availability in a Network Design
- Lab 5-1 Debrief
Implementing Layer 3 High Availability
- Configuring Layer 3 Redundancy with HSRP
- Configuring Layer 3 Redundancy with VRRP and GLBP
- Lab 6-1: Implement and Tune HSRP
- Lab 6-1 Debrief
- Lab 6-2: Implement VRRP Lesson 4: Lab 6-2 Debrief
Minimizing Service Loss and Data Theft in a Campus Network
- Understanding Switch Security Issues
- Protecting Against VLAN Attacks
- Protecting Against Spoofing Attacks
- Securing Network Services
- Lab 7-1: Secure Network Switches to Mitigate Security Attacks
- Lab 7-1 Debrief
Accommodating Voice and Video in Campus Networks
- Planning for Support of Voice in a Campus Network
- Integrating and Verifying VoIP in a Campus Infrastructure
- Working with Specialists to Accommodate Voice and Video on Campus Switches
- Lab 8-1: Plan Implementation and Verification of VoIP in a Campus Network
- Lab 8-1 Debrief
Integrating Wireless LANs into a Campus Network
- Lesson 1: Comparing WLANs with Campus Networks
- Assessing the Impact of WLANs on Campus Networks
- Preparing the Campus Infrastructure for WLANs
- Lab 9-1: Integrate Wireless in the Campus
- Lab 9-1 Debrief
Audience
This course is primarily intended for:
- Network professionals who will need to correctly implement switch-based solutions given a network design using Cisco IOS services and features
- Network Engineers
- Network Operations Center (NOC) technical support personnel
- Help Desk Technicians
Others who would find this course useful include:
- Any individual involved in network operations and support