
CI-CCNP
Course outlines for exams 640-553, 642-813, 642-832, & 642-902 are listed below in sequence.
Exam 640-553 Implementing Cisco IOS Network Security
Course Introduction
Module 1 - Introduction to Network Security Principles
Introduction to Network Security Principles
Examining Network Security Fundamentals
Threats to Security
Addressing Internal Threats
External Threats
Threat Capabilities - More Dangerous and Easier to Use
Size of the Problem
The Evolution of Intent
Vulnerable Custom Applications
Network Security Objectives
Confidentiality
Integrity
Availability
Information Classification
Classification Levels
Classification Criteria
Information Classification Procedures
Distribution of Classified Materials
Information Classification Roles
Security Controls
Administrative Controls
Technical Controls
Physical Controls
Type of Controls
Computer Crime Investigations
Computer Crime Complications
Collection of Evidence
Types of Law
Ethics
Liability
Legal and Government Policy Issues
Section 1 - Review
Examining Network Attack Methodologies
Vulnerabilities, Risks, and Exploits
Main Vulnerability Categories
The Human Vulnerability Factor
Adversaries
Hackers, Crackers, and Phreakers
Computer Security Hackers
Motivations
Academic Hackers
Hobby Hackers
Thinking Like a Hacker
The Purpose of Defense in Depth
What Is Defense in Depth?
Examples of Defense in Depth
Early Defense in Depth Example
Defense in Depth Technical Example
Defense in Depth Non-Example
IP Spoofing
IP Spoofing - A Technical Discussion
IP Spoofing - Types of Attack
IP Source Routing Options
Man-in-the-Middle Attacks
Demo - MITM
Confidentiality Violations
Ping Sweeps and Port Scans
Packet Sniffers
Emanations Capturing
Overt and Covert Channels
Overt Channel Example
Steganography
Covert Channel Example
Phishing, Pharming, and Identity Theft
Integrity Violations
Trust Exploitation
Port Redirection
Password Attacks
Availability Violations
Botnets
DoS and DDoS Attacks
DDoS Example
TCP SYN Flooding
DoS Attacks Using ICMP
Smurf Attack
Electrical Power
Computing Environment
Best Practices to Defeat Hackers
Section 2 - Review
Examining Operations Security
Operations Security
Secure Network Lifecycle
Initiation Phase
Acquisition and Development Phase
Implementation Phase
Operations and Maintenance Phase
Disposition Phase
Principles of Operations Security
Separation of Duties
Rotation of Duties
Trusted Recovery
Change and Configuration Control
Network Security Testing and the System Development Life Cycle
Security Testing Techniques
Common Testing Tools
Nmap
SuperScan by Foundstone
Disaster Recovery and Business Continuity Planning
Disaster Recovery
Disruptions
Backups
Section 3 - Review
Understanding and Developing a Comprehensive Network Security Policy
Figure Out What You Are Protecting
Why Do You Need a Security Policy?
Who Uses the Security Policy?
Components of a Comprehensive Security Policy
Governing Policy Comes from the Top
Technical and End-User Policies
Standards, Guidelines, and Procedures
Standards
Guidelines
Procedures
Responsibilities for the Security Policy
Threat Identification and Risk Analysis
Risk Analysis
Quantitative Risk Analysis Formula
Benefits of Risk Analysis
Threat Identification and Risk Analysis Example
Risk Management and Risk Avoidance
Manage the Risk
Avoid the Risk
Secure Network Design Factors
Realistic Assumptions
Realistic Assumptions Example
Least Privilege Concept
Least Privilege Example
Design and Implementation Simplicity
Simplicity Example
Security Awareness
Awareness
Education and Training
Results of Security Awareness
Section 4 - Review
Building Cisco Self-Defending Networks
Threat Evolution
A Blurred Network Perimeter
The SQL Slammer Worm 30 Minutes After "Release"
Cisco Self-Defending Network Overview
Benefits of Cisco Self-Defending Networks
Collaborative Systems Enabling Unparalleled Security
Cisco Self-Defending Network Defined
Threat Control and Containment
Secure Communications - Secure Data, Voice, Video, and Wireless
Operational Control and Policy Management
Cisco Security Manager Overview
Cisco Security MARS
Secure Network Platform
Section 5 - Review
Module 1 Review
Module 2 - Perimeter Security
Perimeter Security
Securing Administrative Access to Cisco Routers
Router Security Principles
How Routers Enforce Perimeter Security Policy
Cisco Integrated Services Routers
Cisco Integrated Services Router Features
Local and Remote Administrative Access
Configuring the Router Passwords
Password Creation Rules
Configuring a Router Password
Setting Timeouts for Router Lines
Configuring Minimum Password Lengths
Enhanced Username Password Security
Securing ROM Monitor
Configuring Multiple Privilege Levels
Configuring Role-Based CLI
Example: Creating a View Named "NetOps"
Example: Verifying Commands Available to the NetOps View
Securing the Cisco IOS Image and Configuration Files
Configuring Enhanced Support for Virtual Logins
Configuring Banner Messages
Section 1 - Review
Introducing Cisco SDM
Cisco SDM Overview
Starting Cisco SDM and Cisco SDM Express
Files Required to Run Cisco SDM from a Router
Launching Cisco SDM Express
Launching Cisco SDM
Navigating the Cisco SDM Interface
Cisco SDM Wizards in Configure Mode
Configure Mode - Advanced Configuration
Monitor Mode
Demo - Password Protecting a Router
Demo - Login Policies
Demo - View Editing
Section 2 - Review
Configuring AAA on a Cisco Router Using the Local Database
AAA Model - Network Security Architecture
Implementing Cisco AAA
Implementing Authentication Using Local Services
Authenticating Router Access
Router Local Authentication Configuration Steps
Configuring User Accounts Using Cisco SDM
Enabling and Disabling AAA Using Cisco SDM
Configuring AAA Authentication Using Cisco SDM
Additional AAA CLI Commands
AAA Configuration Example
Troubleshooting AAA Using the debug aaa authentication Command
Section 3 - Review
Configuring AAA on a Cisco Router to Use Cisco Secure ACS
Why Use Cisco Secure ACS?
Implementing Authentication Using External Servers
Cisco Secure ACS
Cisco Secure ACS Features
Cisco Secure ACS from Windows
Cisco Secure ACS Solution Engine
Cisco Secure ACS Express 5.0
Cisco Secure ACS View 4.0
TACACS+ and RADIUS AAA Protocols
TACACS+ Overview
RADIUS Overview
TACACS+/RADIUS Comparison
Cisco Secure ACS Prerequisites
Cisco Secure ACS 4.1 Homepage
Network Configuration
Interface Configuration
External Databases
Windows Database
Unknown User Policy
Group Setup
User Setup
Adding a AAA Server
Creating a AAA Login Authentication Policy
Applying an Authentication Policy
Creating a AAA Exec Authorization Policy
Creating a AAA Network Authorization Policy
AAA Accounting Configuration
AAA Configuration for TACACS+ Example
debug tacacs
debug tacacs events
Demo - AAA Authentication
Demo - Authentication Servers
Demo - ACS Server
Section 4 - Review
Implementing Secure Management and Reporting
Considerations for Secure Management and Reporting
Secure Management and Reporting Architecture
Secure Management and Reporting Guidelines
Syslog Systems
Cisco Security MARS
Cisco Security MARS Process Flow
Implementing Log Messaging for Security
Cisco Log Severity Levels
Log Message Format
Enabling Syslog Logging
Using Logs to Monitor Network Security
SNMPv1 and SNMPv2 Architecture
Community Strings
SNMPv3 Architecture
SNMP Security Models and Levels
Enabling SNMP with Cisco SDM
SNMP Trap Receiver
Secure Shell
Enabling SSH Using Cisco SDM
VTY Settings
Configuring an SSH Daemon Using the CLI
Manually Configuring Date and Time Settings
Network Time Protocol
Enabling NTP with Cisco SDM
Section 5 - Review
Locking Down the Router
Vulnerable Router Services and Interfaces
Management Service Vulnerabilities
Security Audit Home Page
Performing a Security Audit
Performing a One-Step Lockdown
Locking Down a Router Using Cisco Auto Secure
Limitations and Cautions
Demo - Router Hardening
Section 6 - Review
Module 2 Review
Module 03 - Network Security Using Cisco IOS Firewalls
Network Security Using Cisco IOS Firewalls
Introducing Firewall Technologies
What is a Firewall?
Expanding on the Definition
Firewall Benefits
Firewall Limitations
Firewalls in a Layered Defense Strategy
Static Packet Filtering Firewalls
Static Packet Filtering Example
Advantages and Disadvantages of Packet Filters
Application Layer Gateways
Proxy Server Communication Process
Advantages, Limitations, and Uses of Application Layer Gateways
Dynamic or Stateful Packet Filtering
Stateful Packet Filtering
Uses and Limitations of Stateful Packet Filters
Application Inspection Firewalls
Transparent Firewalls
Cisco IOS Firewall Features
Cisco Security Router Certifications
Cisco PIX 500 Series Security Appliances
Cisco ASA 5500 Series Adaptive Security Appliances
Firewall Best Practices
Section 1 - Review
Creating Static Packet Filters Using ACLs
Access Control Lists
Mitigating Threats Using ACLs
Outbound ACL Operation
Inbound ACL Operation
A List of Tests - Deny or Permit
Types of IP ACLs
Identifying ACLs
IP Access List Entry Sequence Numbering
ACL Configuration Guidelines
Wildcard Bits - How to Check the Corresponding Address Bits
Wildcard Bits to Match IP Subnets
Wildcard Bit Mask Abbreviations
Numbered Standard IPv4 ACL Configuration
Numbered Standard IPv4 ACL
Applying Standard ACLs to Control vty Access
Numbered Extended IPv4 ACL Configuration
Established Command
Displaying ACLs
Guidelines for Developing ACLs
ACL Caveats
ACL Editor - Access Rules
Standard Rule
Associate with an Interface (1)
Extended Rule
Associate with an Interface (2)
Routing Protocol Entries
IP Address Spoof Mitigation - Inbound
IP Address Spoof Mitigation - Outbound
Filtering ICMP Messages - Inbound
Filtering ICMP Messages - Outbound
Permitting Common Services
Router Service Traffic
Demo - ACL
Section 2 - Review
Configuring Cisco IOS Zone-Based Policy Firewall
Cisco IOS Zone-Based Policy Firewall
In the Beginning
Traditional Cisco IOS Firewall Stateful Inspection
The New Era: Cisco IOS Zone-Based Policy Firewall
Benefits of Zone-Based Policy Firewall
Zone-Based Policy Firewall Actions
Zone-Based Policy Firewall Rules for Application Traffic
Zone-Based Policy Firewall Rules for Router Traffic
Basic Firewall Configuration Wizard
Basic Firewall Interface Configuration
Applying Security Policy
Finishing the Wizard
Manually Configuring a Zone-Based Policy Firewall
Define Zones
Define Class Maps
Define Policy Maps
Assign Policy Maps to Zone Pairs
Reviewing the Cisco IOS Zone-Based Policy Firewall
Cisco IOS Zone-Based Firewall Policy Configuration
Viewing the Firewall Log
Monitoring the Cisco IOS Zone-Based Policy Firewall
Section 3 - Review
Module 3 Review
Module 4 - Site-to-Site VPNs
Site-to-Site VPNs
Examining Cryptographic Services
Cryptology Overview
Cryptography History
Substitution Cipher
Vigenere Cipher
Transposition
One-Time Pads
Transforming Plaintext into Ciphertext
Cryptanalysis
Encryption Algorithm Features
Encryption Keys
Symmetric Encryption Algorithms
Asymmetric Encryption Algorithms
Block and Stream Ciphers
Choosing an Encryption Algorithm
Key Comparisons
Overview of Cryptographic Hashes
What Is Key Management?
Keyspaces
Key Length Issues
SSL Overview
SSL Tunnel Establishment
Section 1 - Review
Examining Symmetric Encryption
Symmetric Encryption Overview
Symmetric Encryption Key Lengths
Acceptable Key Lengths
DES
DES Modes
DES ECB vs. CBC Mode
DES Usage Guidelines
3DES
3DES Encryption Process
AES
SEAL
RC Algorithms
Section 2 - Review
Examining Cryptographic Hashes and Digital Signatures
Overview of Hash Algorithms and HMACs
What Is a Hash Function?
Hashing in Action
Hashed Message Authentication Code
HMAC in Action
Message Digest 5
Secure Hash Algorithm 1
MD5 and SHA-1 Compared
Hash and HMAC Best Practices
Overview of Digital Signatures
Digital Signatures in Action
Digital Signatures Example
Digital Signature Standard
Digital Signature Best Practices
Section 3 - Review
Examining Asymmetric Encryption and PKI
Asymmetric Encryption Overview
Asymmetric Encryption Algorithms
Public Key Confidentiality Scenario
Asymmetric Confidentiality Process
Public Key Authentication Scenario
Asymmetric Authentication Process
RSA Algorithm
RSA Digital Signatures
RSA Usage Guidelines
The DH Algorithm
The DH Key Exchange Algorithm
Trusted Third-Party Protocols
Trusted Third-Party Example
PKI Terminology and Components
PKI Topologies - Single-Root CA
PKI Topologies - Hierarchical CAs
PKI Topologies - Cross-Certified CAs
PKI and Usage Keys
PKI Server Offload
Overview of Standardization
X.509v3
Public-Key Cryptography Standards
Simple Certificate Enrollment Protocol
Identity Management Using Digital Certificates and CAs
Retrieving CA Certificates
Certificate Enrollment
Authentication Using Certificates
Features of Digital Certificates and CAs
Caveats of Digital Certificates and CAs
Applications of Certificates
Section 4 - Review
Examining IPSec Fundamentals
What Is a VPN?
Benefits of VPNs
Site-to-Site VPNs
Remote-Access VPNs
Cisco IOS SSL VPN
Cisco VPN Products
Cisco VPN-Enabled IOS Routers
Cisco ASA Adaptive Security Appliances
VPN Clients
Hardware-Based Encryption
What is IPSec?
IPSec Security Services
Encryption Algorithms
DH Key Exchange
Data Integrity
Authentication
IPSec Advantages
IPSec Versus SSL
IPSec Security Protocols
Authentication Header
AH Authentication and Integrity
Encapsulating Security Payload
ESP Protocol
Modes of Use - Tunnel Versus Transport Mode
Tunnel Mode
IPSec Framework
Internet Key Exchange
IKE Communication Negotiation Phases
IKE Phase 1
First Exchange - IKE Policy Is Negotiated
Second Exchange - DH Key Exchange
Third Exchange - Authenticate Peer Identity
IKE Phase 2
Section 5 - Review
Building a Site-to-Site IPSec VPN
Site-to-Site IPSec VPN
Site-to-Site IPSec Configuration
Step 1: Ensure That ACLs Are Compatible with IPSec
Step 2: Create ISAKMP (IKE) Policies
IKE Policy Negotiation
Configure PSKs
Site-to-Site IPSec Configuration - Phase 1
Step 3: Configure Transform Sets
Transform Set Negotiation
Purpose of Crypto ACLs
Step 4: Create Crypto ACLs Using Extended ACLs
Configure Symmetric Peer Crypto ACLs
Crypto Map Parameters
Step 5: Configure IPSec Crypto Maps
Example: Crypto Map Commands
Applying Crypto Maps to Interfaces
Test and Verify IPSec
show crypto isakmp policy Command
show crypto ipsec transform-set Command
show crypto map Command
show crypto ipsec sa
Section 6 - Review
Configuring IPSec on a Site-to-Site VPN Using Cisco SDM
Introducing the Cisco SDM VPN Wizard Interface
Site-to-Site VPN Components
Launching the Site-to-Site VPN Wizard
Quick Setup
Step-by-Step Setup
Connection Settings
IKE Proposals
IPSec Transform Sets
Option 1: Single Source and Destination Subnet
Option 2: Using an ACL
Review the Generated Configuration
Test Tunnel Configuration and Operation
Monitor Tunnel Operation
Advanced Monitoring
Troubleshooting
Demo - IPSec
Section 7 - Review
Module 4 Review
Module 5 - Network Security Using Cisco IOS IPS
Network Security Using Cisco IOS IPS
Introducing IPS Technologies
Defining IDS and IPS
IDS and IPS Common Characteristics
IDS and IPS Operational Differences
Comparing IDS and IPS Solutions
Types of IDS and IPS Sensors
IPS Attack Responses
Event Monitoring and Management
Cisco IPS Management Software
Cisco IDS Event Viewer
Cisco Security MARS
HIPS Features
How HIPS Operates
Cisco HIPS Deployment
Network IPS Features
Cisco Network IPS Deployment
Comparing HIPS and Network IPS
Cisco IPS Appliances
Cisco IPS 4200 Series Sensors
Cisco ASA AIP-SSM
Cisco Catalyst 6500 Series IDSM-2
Cisco IPS AIM
IPS Signature Operational Characteristics
Signature Micro-Engines
Supported Signature Micro-Engines
Cisco Signature Alarm Types
Implementing Alarms in Signatures
IPS Configuration Best Practices
Section 1 - Review
Configuring Cisco IOS IPS Using Cisco SDM
Cisco IOS IPS Intrusion Prevention Technology
Primary Benefits of the Cisco IOS IPS Solution
Cisco IOS IPS Signature Features
Using Cisco SDM to Configure IPS
IPS Policies Wizard
IPS Config Location and Category
IPS Policy Summary
Cisco IOS IPS CLI Configuration
Setting Signature Severity
Configuring Signature Actions
Editing Signatures Using Cisco SDM
Support for SDEE and Syslog
Viewing SDEE Alarm Messages
Viewing Syslog IPS Alarms
Verifying IPS Policies
Verify IPS Operation
Section 2 - Review
Module 5 Review
Module 6 - LAN, SAN, Voice, and Endpoint Security Overview
LAN, SAN, Voice, and Endpoint Security Overview
Examining Endpoint Security
Cisco Host Security Strategy
Software Security Concepts
Operating System Vulnerabilities
Application Vulnerabilities
Input Validation
Buffer Overflows
Types of Buffer Overflows
Worms, Viruses, and Trojan Horses
Anatomy of a Worm Attack
Worm and Virus - Exploit Comparison (~20 Yrs)
IronPort Perimeter Security Appliances
IronPort E-Mail Security Appliance
IronPort Web Security Appliance
Cisco NAC Products
NAC Framework
Cisco NAC Appliance Overview - Components
Cisco NAC Appliance Overview - Process Flow
Cisco NAC Appliance Overview - Agent
Cisco Security Agent Architecture
Appliance, Kernel, and Interceptors
Cisco Security Agent Interceptors
Cisco Security Agent Attack Response
Operating System Guidelines
Application Guidelines
Section 1 - Review
Examining SAN Security
What Is a SAN?
Why Use SANs?
Benefits of a SAN
SAN Basics
LUN Masking
World Wide Names
Fibre Channel Fabric Zoning
Virtual SANs
SAN Security Scope
SAN Management Threats
Fabric and Target Access Threats
Target Access Security - Zoning
IP Storage and Transmission Security
Section 2 - Review
Examining Voice Security
What is VoIP?
Business Case for VoIP
Components of a VoIP Network
Major VoIP Protocols
Threats to IP Telephony Endpoints
Spam over IP Telephony
SPIT Example
Fraud
SIP Vulnerabilities
Separate Voice VLAN
Protect IP Telephony with Firewalls
Protect IP Telephony with VPNs
Protect IP Telephony Endpoints
Protect IP Telephony Servers
Section 3 - Review
Mitigating Layer 2 Attacks
Why Worry About Layer 2 Security?
Domino Effect
VLAN Overview
VLAN Hopping by Rogue Trunk
VLAN Hopping by Double Tagging
Mitigating VLAN Hopping Network Attacks
Redundant Topology
Loop Resolution with STP
STP Operation
STP Root Bridge Selection
STP Manipulation
PortFast
BPDU Guard
Root Guard
Verifying BPDU Guard
CAM Table Overflow Attack
MAC Address Spoofing Attack
Port Security
Configuring Port Security
Configuring Port Security Aging
Port Security Example
Verifying Port Security
Notification of Intrusions
Switched Port Analyzer
Remote SPAN
LAN Storm
Storm Control
Layer 2 Security Best Practices
Demo - Layer 2 Security
Section 4 - Review
Module 6 Review
Course Closure
Exam 642-813 Implementing Cisco IP Switched Networks
Course Introduction
Course Introduction
Module 1 - Analyzing Campus Network Designs
Campus Network Design
Overview of Cisco SONA
Benefits of SONA
Layers in the Hierarchical Model
Enterprise Campus Architecture
Access Layer
Distribution Layer
Core Layer
Is a Core Layer Needed?
Campus Core Layer
Small Campus Network
Medium Campus Network
Data Center Infrastructure Overview
Network Traffic Types
Client Server Farm Applications
Client Enterprise Edge Applications
Section 01 Summary
PPDIOO Network Life-Cycle Approach
Benefits of the Life-Cycle Approach
Planning an Implementation
Major Implementation Components
Example: Summary Implementation Plan
Example: Detailed Implementation Plan
Section 02 Summary
Demo - Topology
Module 1 Review
Module 2 - Implementing VLANs in a Campus Network
Implementing VLANs
VLAN Deployment
End-to-End VLANs vs. Local VLANs
Planning an End-to-End VLAN Implementation
VLAN Configuration
Verifying the VLAN Configuration
Trunk Configuration
Demo - End-to-End VLANs
Switchport Mode Interactions
Trunk Configuration Recommendations
VTP Configuration
Verifying the VTP Configuration
Common Problems with VTP Configuration
Demo - VTP Configuration
Verifying General VLAN Operations
Common Trunk Link Problems
Example of a Troubleshooting Process
Resolving Trunk Link Problems
Issues with 802.1Q Native VLAN
Section 01 Summary
Access Switch: Protected Port
About PVLANs
PVLAN Port Types
Isolated PVLAN Configuration
Isolated PVLAN Configuration (1)
Isolated PVLAN Configuration (2)
Isolated PVLAN Configuration (3)
Isolated PVLAN Verification
Demo - Private VLANs
Demo - Promiscuous Mode
Community PVLAN Configuration
Community PVLAN Configuration (1)
Community PVLAN Configuration (2)
Community PVLAN Configuration (3)
Community PVLAN Verification
PVLAN Example
PVLANs Across Multiple Switches
Section 02 Summary
Multiple Links
EtherChannel
PAgP and LACP
PAgP Modes
LACP Modes
How to Configure Port Channels Using EtherChannel
Guidelines for Configuring EtherChannel
How to Configure Layer 2 EtherChannel
How to Verify EtherChannel
How to Configure EtherChannel Load Balancing
Demo - EtherChannel
Section 03 Summary
Module 2 Review
Module 03 - Implementing Spanning Tree
Implementing Spanning Tree
STP Standards
Comparison of Spanning-Tree Protocols
About STP
Spanning-Tree Cost and Priority
Default Spanning-Tree Configuration
PVRST+ Configuration
RSTP Port Roles
Spanning-Tree Port Types and States
RSTP State Transitions
RSTP Proposal-Agreement Sequence
RSTP Link Types
RSTP Edge Ports
PortFast Configuration
Bridge Priority with Extended System ID
Verifying PVRST+
Demo - Spanning Tree
Demo - Spanning Tree Cost
Introducing MSTP
MST Regions
Extended System ID in Bridge ID Field
Implementing MST
Verifying MSTP
Summary 01 Review
Cisco STP Toolkit
Protecting the Operation of STP
BPDUGuard Configuration
BPDUFilter Configuration
RootGuard
Verifying RootGuard
Before LoopGuard
With LoopGuard
Configuring LoopGuard
Unidirectional Link Failure
Configuring UDLD
Comparing LoopGuard with UDLD
Recommended Practices - UDLD Configuration
Implementing a Spanning-Tree Protocol
Spanning-Tree Recommendations
FlexLinks in the Access Layer
Section 02 Summary
Module 3 Review
Module 04 - Implementing Inter-VLAN Routing
Inter-VLAN Routing
Inter-VLAN Routing Using an External Router
Router on a Stick
External Router Configuration
Demo - Router on a Stick
External Router: Advantages and Disadvantages
Routed vs. Switched Campus Architecture
Switch Virtual Interfaces
SVI Configuration
SVI autostate exclude Command
Demo - SVI
Routed Ports on a Multilayer Switch
Configuration of a Routed Interface
Demo - Layer 3 Port
Layer 2 EtherChannel vs. Layer 3 EtherChannel
Configuration of Layer 3 EtherChannel
Verification of SVIs and Routed Interfaces
Routing Protocol Configuration
Verification of Routing Protocol
DHCP Service
About DHCP
DHCP Configuration
DHCP with the ip helper Command
Verification of the DHCP Operation
Section 01 Summary
Multilayer Switching
IP Unicast Frame and Packet Rewrite
CAM and TCAM Tables
Distributed Hardware Forwarding
Layer 3 Switch Processing
Cisco Switching Methods
Route Caching
Topology-Based Switching
Multilayer Switches Based on Cisco Express Forwarding
Verifying Cisco Express Forwarding
Section 02 Summary
Module 4 Review
Module 05 - Implementing a Highly Available Network
High Availability
Components of High Availability
Redundancy
Technology
People
Processes
Tools
Resiliency for High Availability
Network-Level Resiliency
High Availability and Failover Times
Optimal Redundancy
Provide Alternate Paths
Avoid Too Much Redundancy
Avoid Single Points of Failure
Cisco NSF with SSO
Routing Protocol Requirements for Cisco NSF
Section 01 Summary
Layer 2 Distributed VLANs on Access Switches
Layer 2 Local VLANs on Access Switches
Layer 3 Access-to-Distribution Interconnection
Daisy-Chaining Access Layer Switches
Daisy-Chaining Access Switch Issues
StackWise Technology Access Switches
Avoiding Too Little Redundancy
Impact of Uplink Failure
Section 02 Summary
Network Management Overview
Syslog Overview
Syslog Features
Cisco Syslog Message Standard
Example: Syslog Messages
System Log Configuration
Demo - Logging
SNMP Overview
About SNMPv2
About SNMPv3
SNMP Recommendations
SNMP Configuration
Demo - SNMP
SLA Review
IP SLA Measurements
IP SLA Operations
IP SLA Source and Responder
IP SLA Operation with Responder
IP SLA Responder Time Stamps
IP SLA Configuration
IP SLA Verification
Section 03 Summary
Module 5 Review
Module 6 - Implementing Layer 3 High Availability
First-Hop Redundancy
Routing Issues: Using Proxy ARP
Routing Issues: Using Default Gateways
Router Redundancy
Router Redundancy Failover
HSRP Configuration
Virtual Router MAC Address
Forwarding Through Active Router
Active and Standby Routers
HSRP States
HSRP State Transition
HSRP Priority and Preemption
HSRP and STP
HSRP Authentication
HSRP and Timers
HSRP Timer Configuration
HSRP Versions
Displaying the Standby Status
HSRP Interface Tracking
Tracking Options
HSRP and IP SLA Tracking
Demo - HSRP
Multiple HSRP Groups
Multiple HSRP Group Configuration
Monitoring HSRP
Section 01 Summary
HSRP vs. VRRP
About VRRP
VRRP Operations Process
VRRP Configuration
About GLBP
GLBP vs. HSRP
GLBP Operations
GLBP Operation
GLBP Interface Tracking
GLBP Weights and Decrements
GLBP Configuration
GLBP and VLAN Spanning
Section 02 Summary
Module 6 Review
Module 7 - Minimizing Service Loss and Data Theft in a Campus Network
Minimizing Service Loss and Data Theft
Overview of Switch Security
Modularizing Internal Security
Reasons for Internal Security
Rogue Devices
Switch Attack Categories
MAC Flooding Attack
Port Security Prevents MAC-Based Attacks
Configuring Port Security on a Switch
Verifying Port Security
Verifying Port Security (Cont.)
Configuring Sticky MAC Addresses
Demo - Port Security
AAA Network Configuration
Configuring User AAA Authentication
Demo - Authentication
802.1X Port-Based Authentication
Configuring 802.1X
Section 01 Summary
Explaining VLAN Hopping
VLAN Hopping with Double Tagging
Mitigating VLAN Hopping
Types of ACLs
Configuring VACLs
Demo - VACL
Section 02 Summary
Cisco Catalyst Integrated Security Features
DHCP Spoofing Attacks
DHCP Messages
DHCP Snooping Protects Against Rogue and Malicious DHCP Servers
DHCP Snooping
Configuring DHCP Snooping
Verifying DHCP Snooping
ARP Poisoning
DAI Protection Against ARP Poisoning
About DAI
Configuring DAI
IP Source Guard Protection Against Spoofed IP Addresses
IP Source Guard
Catalyst Integrated Security Configuration
Section 03 Summary
Discovering Neighbors with Cisco Discovery Protocol
Neighbor Discovery Protocols
Cisco Discovery Protocol Configuration
Demo - Neighbor Discovery
LLDP Configuration
Vulnerabilities of Discovery Protocols
Vulnerabilities of the Telnet Protocol
About SSH
Configuration of SSH
Configuration of vty ACLs
Configuration of an HTTP Server
Section 04 Summary
Module 7 Review
Module 8 - Accommodating Voice and Video in Campus Networks
Voice and Video
Unified Communications
IP Telephony Components
Characteristics of Voice and Data
Video Applications
Voice and Video Traffic
Requirements for Voice, Data, and Video Traffic
Voice and Video in the Campus Network
Section 01 Summary
Meeting the Requirements
Voice Implementation Steps
Voice VLANs
IP Telephony Extends the Network Edge
Multi-VLAN Access Port
Voice VLAN Configuration
Demo - Voice VLANs
Power Sources for Access Points and IP Phones
Power over Ethernet (PoE)
Power over Ethernet 802.3af
New PoE Developments
PoE Switch
Switch Power Budget
PoE Switch Port Status
Additional VoIP Services
Test Plan
Section 02 Summary
High Availability for VoIP and Video
Building a Voice, Video, and Data Campus Network
Determining Equipment and Cabling Needs
Resource Contention
Recommended Practices: QoS
QoS in the Campus Network
Classification and Marking
Layer 2 Marking: 802.1p, CoS
Layer 3 Marking: IP Precedence, DSCP
Classification Tools: Trust Boundaries
Cisco IP Phone Connected to a Switch
Voice VLAN Configuration 2
Demo - MLS QoS
Cisco AutoQoS
Cisco AutoQoS Configuration
Monitoring Cisco AutoQoS
Section 03 Summary
Module 8 Review
Module 9 - Integrating Wireless LAN into a Campus Network
Wireless LAN
Cisco Unified Wireless Network Components
Wireless LAN 2
WLANs and LANs
Similarities Between WLANs and LANs
Differences Between WLANs and LANs
Summary of Differences Between WLANs and LANs
WLAN AP Topology
About SSIDs
SSID and VLAN Support
Client Roaming
Layer 2 vs. Layer 3 Roaming
Security on WLANs and LANs
Section 01 Summary
Cisco WLAN Implementations
Standalone WLAN Solution 1
Traffic Flow Between Wireless Clients - Standalone WLAN Solution
Controller-Based WLAN Solution 1
Controller-Based WLAN Solution 1 (Cont.)
Traffic Flow Between Wireless Clients - Controller-Based WLAN Solution
About H-REAP
Comparison of WLAN Solutions
Types of WLAN Controllers
Standalone WLAN Solution 2
SSIDs, VLANs, and Trunks in the Standalone Solution
Controller-Based WLAN Solution 2
SSIDs, VLANs, and Trunks in the Controller-Based Solution
SSIDs, VLANs, and Trunks with the H-REAP
Controller-Based AP Protocol
WLC Ports and Protocols
Section 02 Summary
AP and Controller Placement
Distributed WLC Deployment
Centralized WLC Deployment
WLAN Devices Connected to Switches
WLAN Device Connections
Standalone AP and H-REAP
Controller-Based AP
WLAN Controller
4400 Series Controller with Link Aggregation
Link Aggregation
Switch Configuration for Link Aggregation
Cisco WiSM in Catalyst 6500 Series Switch
Cisco WiSM in Catalyst 6500 Series Switch (Cont.)
Gathering Requirements
Implementation Plan
Test Plan
Section 03 Summary
Course Closure
Exam 642-832 Troubleshooting and Maintaining Cisco IP Networks
Course Introduction
Course Introduction
Module 1 - Planning Maintenance for Complex Networks
Lesson: Applying Maintenance Methodologies
What Is Involved in Network Maintenance?
Network Maintenance Approaches
Benefits of a Structured Approach
Network Maintenance Methodology
Models and Tools
Summary
Lesson: Common Maintenance Processes and Procedures
Common Maintenance Tasks
Common Maintenance Tasks (Cont.)
Common Maintenance Processes
Scheduled Maintenance
Change Control Procedures
Network Documentation
Teamwork and Communication
The Importance of Consistency
Replacing Failed Equipment
Measuring Network Health
Summary
Lesson: Network Maintenance Tools, Applications, and Resources
A Basic Network Maintenance Toolkit
Backup and Restore
Backup and Restore (Cont.)
Archiving Configurations
Archiving Configurations (Cont.)
Demo - File Archiving Part 1
Demo - File Archiving Part 2
Restoring Configurations
Demo - Configuration Restoration
Network Time Protocol Example
Demo - Time Commands
Configuring Logging Example
Demo - Logging
Online Resources
Documentation Support
Resource Management
Proactive Fault Management
Measuring Network Performance
Measuring Network Performance (Cont.)
Summary
Module 1 Review
Module 2 - Planning Troubleshooting Processes for Complex Enterprise Networks
Lesson: Applying Troubleshooting Methodologies
What Is Troubleshooting?
Diagnostic Principles
Troubleshooting Methods
The "Shoot from the Hip" Method
Structured Troubleshooting
Top-Down Troubleshooting
Top-Down Troubleshooting (Cont.)
Bottom-Up Troubleshooting
Bottom-Up Troubleshooting (Cont.)
Divide and Conquer
Follow the Path
Spot the Differences
Move the Problem
Discussion: Troubleshooting Case
Summary
Lesson: Planning and Implementing Troubleshooting Procedures
The Troubleshooting Process
Defining the Problem
Gathering Information
Analyzing the Facts
Eliminating Possible Causes
Example: Elimination and Assumptions
Discussion: Elimination and Assumptions
Formulating a Hypothesis
Testing the Hypothesis
Solving the Problem
Demo - Duplex Problem
Summary
Lesson: Integrating Troubleshooting into the Network Maintenance Process
Network Maintenance Tasks
Troubleshooting as Part of Maintenance
Updating Documentation
Defining Network Performance Profiles
Troubleshooting and Communication
Troubleshooting and Changes
Summary
Module 2 Review
Module 3 - Maintenance and Troubleshooting Tools and Applications
Lesson: Assembling a Basic Diagnostic Toolkit Using Cisco IOS Software
Filtering Command Output
Example: Filtering show ip route
Example: Filtering show ip route (Cont.)
Filtering show Command Output
Filtering show Command Output (Cont.)
Redirecting show Command Output
Redirecting show Command Output (Cont.)
Extended Ping
Extended Ping (Cont.)
Demo - Information Gathering
Using Telnet to Test the Transport Layer
Basic Hardware Diagnostics
Example: show processes cpu
Example: show memory
Example: show interface
Additional Hardware Diagnostics
Demo - Hardware Information
Summary
Lesson: Using Specialized Maintenance and Troubleshooting Tools
Supporting the Troubleshooting Process
Supporting the Troubleshooting Process (Cont.)
Using a Packet Sniffer
SPAN and RSPAN
Example: SPAN Configuration
Demo - Network Sniffing
Example: RSPAN Configuration
Example: RSPAN Verification
Creating a Baseline Using SNMP and NetFlow Technology
Example: Configuring a Device for SNMP Access
Demo - Configuring SNMP
Example: Configuring a Device for NetFlow Accounting
Example: Examining the NetFlow Cache
Example: Configuring a Device for NetFlow Export
Event Notification
Example: Notification Through SNMP Traps
Example: Cisco IOS EEM Configuration
Example: EEM Configuration (Cont.)
Summary
Module 3 Review
Module 4 - Maintaining and Troubleshooting Campus Switching-Based Solutions
Lesson: Troubleshooting VLANs
LAN Switching Review
Layer 2 Switching Process
Layer 2 Switching Process (Cont.)
Discussion: Typical LAN Switching Problems
Layer 2 Frame Forwarding Information
Verifying Layer 2 Forwarding
Summary
Lesson: Troubleshooting Spanning Tree
Spanning-Tree Review
Spanning Tree: Root Bridge
Spanning Tree: Root Ports
Spanning Tree: Designated Ports
Spanning Tree: Forwarding and Blocking
Spanning-Tree Verification
Spanning Tree Cisco IOS Commands
Spanning Tree Cisco IOS Commands (Cont.)
Demo - Troubleshooting Spanning Tree
Bridging Loops and Broadcast Storms
Bridging Loops and Broadcast Storms (Cont.)
EtherChannel Technology
Summary
Lesson: Troubleshooting Switched Virtual Interfaces and Inter-VLAN Routing
Routing and Multilayer Switching
Control Plane Versus Data Plane
Control Plane Versus Data Plane (Cont.)
Routed Ports and SVIs
Routed Ports and SVIs (Cont.)
Demo - Troubleshooting Inter-VLAN Routing
Summary
Lesson: Troubleshooting FHRPs
First Hop Redundancy Protocols
HSRP Example
HSRP Example (Cont.)
Discussion: HSRP Convergence
Analyzing HSRP Operation (Cont.)
HSRP Debug Example
HSRP Debug Example (Cont.)
Demo - Troubleshooting HSRP
Compare and Contrast: VRRP and GLBP
HSRP, VRRP, and GLBP Commands
Equivalent Troubleshooting Commands
Summary
Lesson: Troubleshooting Performance Problems on Switches
Defining Performance Problems
Switch Performance
Checking for Interface Errors
Duplex Mismatches
Case Study: Duplex Problem
Duplex Mismatch: Full-Duplex Side
Duplex Mismatch: Half-Duplex Side
Auto-MDIX and Duplex
Configuring Auto-MDIX
Verifying Auto-MDIX
Forwarding Hardware
Ternary Content Addressable Memory
Troubleshooting TCAM Utilization
Verifying TCAM Utilization
TCAM Allocation Failures
Traffic Forwarding to the CPU
Displaying CPU Load on a Switch
Troubleshooting CPU Problems
Summary
Module 4 Review
Module 5 - Maintaining and Troubleshooting Routing-Based Solutions
Lesson: Troubleshooting Network Layer Connectivity
IP Routing Review
Case Study: Routing a Packet
Case Study: Routing a Packet (Cont.)
Quiz: Packet and Frame Headers
Answers: Packet and Frame Headers
Data Structures Used for Routing
Verifying Routing Information
Verifying Layer 2 Encapsulation
Demo - CEF
Summary
Lesson: Troubleshooting EIGRP
Exchanging and Processing Routing Information
EIGRP Data Structures
EIGRP Routing Update Process
EIGRP Commands
Case Study: Troubleshooting EIGRP
Case Study: Troubleshooting EIGRP (Cont.)
Demo - Troubleshooting EIGRP
Summary
Lesson: Troubleshooting OSPF
Exchanging and Processing Routing Information
OSPF Data Structures
The OSPF Link-State Database
OSPF Quiz: LSA Type Review
OSPF Quiz: Answers
OSPF Quiz: Answers (Cont.)
Requirement to Become OSPF Neighbors
Establishing OSPF Adjacencies
OSPF Interarea Routing
OSPF Commands
Case Study: Troubleshooting OSPF
Case Study: Troubleshooting OSPF (Cont.)
Demo - Troubleshooting OSPF
Summary
Lesson: Troubleshooting Route Redistribution
Route Injection and Redistribution
Redistribution and the Routing Table
Seed Metrics
Troubleshooting Redistribution
Commands to Verify Redistribution
Case Study: Redistribution from OSPF to EIGRP
Case Study: Redistribution from OSPF to EIGRP (Cont.)
Summary
Lesson: Troubleshooting BGP
Exchanging and Processing Routing Information
BGP Data Structures
BGP Routing Update Process
BGP Commands
Case Study: Troubleshooting BGP
Case Study: Troubleshooting BGP (Cont.)
Summary
Lesson: Troubleshooting Performance Problems on Routers
Introduction to High CPU Utilization
Slow Router Performance
Router Does Not Respond to Service Requests
Common Causes of High CPU Utilization
Common Causes of High CPU Utilization (Cont.)
Useful Commands
Useful Commands (Cont.)
Understanding Cisco IOS Switching Options
Process Switching
Fast Switching
Cisco Express Forwarding
Troubleshooting Process and Fast Switching
Troubleshooting Process and Fast Switching (Cont.)
Troubleshooting Cisco Express Forwarding
Troubleshooting Cisco Express Forwarding (Cont.)
Using Cisco IOS Tools to Analyze Packet Forwarding
Troubleshooting Router Memory Issues
Common Memory Problems
Common Memory Problems (Cont.)
BGP Memory Use
BGP Memory Use (Cont.)
Summary
Module 5 Review
Module 6 - Maintaining and Troubleshooting Network Security Solutions
Lesson: Troubleshooting Security Features
Network Security
Network Device Security
Management Plane Security
Management Plane Security (Cont.)
Control Plane Security
Data Plane Security
Troubleshooting Network Security Guidelines
Summary
Lesson: Security Features Review
Troubleshooting Flow for Layer 4 Problems
Troubleshooting Flow for Layer 4 Problems (Cont.)
Cisco IOS Firewall
Cisco IOS Firewall (Cont.)
Cisco IOS Firewall Verification
Cisco IOS Firewall Logging and Debugging
Zone-Based Policy Firewall
Zone-Based Policy Firewall Configuration Example
Zone-Based Policy Firewall Logging and Debugging
Zone-Based Policy Firewall Verification
AAA
Authentication
Authorization
Accounting
TACACS+ and RADIUS
Common TACACS+ Failures
Common RADIUS Failures
Common RADIUS Failures (Cont.)
Demo - AAA Authentication and Access Lists
Cisco Secure Access Control Server
Summary
Module 6 Review
Module 7 - Maintaining and Troubleshooting Integrated, Complex Enterprise Networks
Lesson: Troubleshooting Complex Environments
Troubleshooting Complex Environments
Summary
Module 7 Review
Exam 642-902 CCNP ROUTE - Implementing Cisco IP Routing
Course Introduction
Course Introduction
Module 1 - Planning Routing Services
Lesson: Assessing Complex Enterprise Network Requirements
Cisco Enterprise Architectures
Cisco Hierarchical Network Model
Example: Hierarchical Campus Model
Example: Hierarchical Network Model WAN
Enterprise Composite Network Model Functional Areas
Enterprise Composite Network Model
Network Traffic Mix
Network Requirements
Example: Enterprise Network 1
Cisco SONA Framework
Cisco SONA Framework Layers
Intelligent Information Network
Example: Enterprise Network 2
Routing Protocols
Routing Protocol Comparison
Example: Enterprise Network 3
Summary
Lesson: Creating an Implementation Plan and Documenting the Implementation
Implementing Routing in the Network
Structured Approach
Models and Tools
Create the Implementation Plan 1
Identify the Required Network Information
Identify Other Requirements
Create the Implementation Plan 2
Implementation Plan Documentation
What to Document?
Example: Implementation Plan
Enterprise Network Topology Required
Identify Network Information and Requirements
Creation of the Implementation Plan
Demo - Network Planning
Summary
Module 1 Review
Module 2 - Implementing an EIGRP-Based Solution
Lesson: Planning Routing Implementations with EIGRP
EIGRP Capabilities and Attributes
EIGRP Capabilities and Attributes (Cont.)
EIGRP Key Technologies
EIGRP Packets
Initial Route Discovery
EIGRP Neighbor Table
EIGRP Topology Table
EIGRP IP Routing Table
Example: EIGRP Tables
DUAL Terminology
DUAL Operation
Example: Advertised Distance (AD)
Example: Feasible Distance (FD)
Example: Successor and Feasible Successor
Example: Successor and Feasible Successor Solve Loop Issue
EIGRP Metric
EIGRP Metric Calculation
Example: EIGRP Metrics Calculation
Example: EIGRP Metrics Calculation (Cont.)
Planning for EIGRP
EIGRP Implementation Plan
Documenting EIGRP
Example: Planning for Basic EIGRP
Requirements for Basic EIGRP Configuration
Steps to Configure Basic EIGRP
Define EIGRP as a Routing Protocol
Define Networks Participating in EIGRP
Define Interface Bandwidth
Example: Basic EIGRP Configuration
Demo - EIGRP Overview
Summary
Lesson: Implementing and Verifying Basic EIGRP for the Enterprise LAN Architecture
EIGRP Deployment
Verifying EIGRP Neighbors
Verifying EIGRP Neighbors (Cont.)
Verifying EIGRP Routes
Verifying EIGRP Operation
Verifying EIGRP Operation (Cont.)
Using Passive Interfaces
Using Passive Interfaces (Cont.)
Verify Operation with Passive Interfaces
Using the ip default-network Command with EIGRP
Using the ip default-network Command with EIGRP (Cont.)
Verifying Default Network Information
Route Summarization
EIGRP Automatic Route Summarization
EIGRP Manual Route Summarization
Configuring Route Summarization
Verifying Route Summarization
Demo - Implementing EIGRP
Summary
Lesson: Configuring and Verifying EIGRP for the Enterprise WAN Architecture
Frame Relay Overview
EIGRP with Dynamic Mapping
EIGRP with Dynamic Mapping (Cont.)
EIGRP with Static Mapping
EIGRP with Static Mapping (Cont.)
Frame Relay Multipoint Subinterfaces
EIGRP over Multipoint Subinterfaces
EIGRP over Multipoint Subinterfaces (Cont.)
EIGRP Unicast Neighbor
EIGRP Unicast Neighbor (Cont.)
Verifying EIGRP Unicast Neighbors
Frame Relay Point-to-Point Subinterfaces
EIGRP over Point-to-Point Subinterfaces
EIGRP over Point-to-Point Subinterfaces (Cont.)
EIGRP Load Balancing
EIGRP Load Balancing (Cont.)
EIGRP Unequal-Cost Load Balancing
EIGRP Unequal-Cost Load Balancing (Cont.)
Demo - Multipath
EIGRP Bandwidth Utilization over WAN
Bandwidth Utilization Issues
EIGRP Hub-and-Spoke WAN Utilization
EIGRP Multipoint WAN Utilization
EIGRP Hybrid Multipoint WAN Utilization (Cont.)
AToM Overview
Layer 2 and Layer 3 MPLS VPN Solutions
Layer 3 MPLS VPN Overview
Customer MPLS Perspective
Ethernet Port-to-Port Connectivity
Ethernet VLAN Connectivity
EIGRP over EoMPLS
EIGRP over Layer 3 MPLS VPN
Summary
Lesson: Implementing and Verifying EIGRP Authentication
Router Authentication
Router Authentication (Cont.)
Simple Password vs. MD5 Authentication
MD5 Authentication for EIGRP
Key Chain
Planning for EIGRP Authentication
Requirements for EIGRP Authentication
Steps to Configure EIGRP MD5 Authentication
Configure Authentication Mode
Configure the Key Chain
Configure the Lifetime of The Key or Keys
Enable Authentication of EIGRP Packets
Router R1 Configuration for MD5 Authentication
Verifying MD5 Authentication for EIGRP
Verifying MD5 Authentication for EIGRP (Cont.)
Misconfigured Key
Summary
Lesson: Advanced EIGRP Features in an Enterprise Network
Scalability in Large Networks
Factors that Influence EIGRP Scalability
EIGRP Design Challenges
EIGRP Query Process
EIGRP Query Process Stuck-in-Active
Active Process Enhancement
Updates and Queries Without an EIGRP Stub
Updates and Queries Using EIGRP Stub
EIGRP Stub
EIGRP Stub Configuration Planning
EIGRP Stub Options
Configuring eigrp stub connected
Configuring eigrp stub summary
Configuring eigrp stub static
Configuring eigrp stub receive-only
Configuring eigrp stub redistributed
Summary
Module 2 Review
Module 3 - Implementing a Scalable Multiarea Network OSPF-Based Solution
Lesson: Planning Routing Implementations with OSPF as the Scalable Routing Protocol
Link-State Protocols
Link-State Protocol Data Structures
OSPF Areas
Area Terminology and Router Types
OSPF Adjacencies
OSPF Calculation
OSPF Metric
Building the LSDB
Link-State Data Structures: LSA Operation
Defining the "More Recent" LSA
LSA Sequence Numbering
LSA Sequence Numbers and Maximum Age
Planning for OSPF
OSPF Implementation Plan
Documenting OSPF
Example: Planning for Basic OSPF
Summary
Lesson: How OSPF Packet Processes Work
OSPF Functions
OSPF Packet Header Format
OSPF Packet Types
Neighbor Relationship: The Hello Packet
OSPF Routing Update Packets
Establishing Bidirectional Communication
Discovering the Network Routes
Adding the Link-State Entries
OSPF Neighbor States
Flooding Changes in Topology
The debug ip ospf packet Command
Demo - OSPF Intro
Summary
Lesson: Improving Routing Performance in a Complex Enterprise Network
OSPF Network Types
Point-to-Point Links
Multiaccess Broadcast Network
OSPF Adjacency Over Metro Ethernet and EoMPLS
OSPF Adjacency Over MPLS VPN
Electing the DR and BDR
Setting the Priority for DR Election
Demo - DR BDR Election
NBMA Topology
DR Election in NBMA Topology
Frame Relay Topologies
OSPF over NBMA Topology Modes of Operation
Nonbroadcast Mode (NBMA Mode)
Steps to Configure NBMA Mode
Nonbroadcast Mode Operation
NBMA Configuration Example
The show ip ospf neighbor Command
Using Subinterfaces
Point-to-Point Subinterfaces
Point-to-Point Subinterface Example
Multipoint Subinterfaces
Multipoint Subinterface Example
Point-to-Point Mode
Point-to-Point Configuration Example
Point-to-Point Verification Example
Point-to-Multipoint Mode
Point-to-Multipoint Configuration Example
Point-to-Multipoint Verification Example
Point-to-Multipoint Nonbroadcast
OSPF over NBMA Topology Summary
Summary
Lesson: Configuring and Verifying OSPF Routing
Initializing Single-Area and Multiarea OSPF
Planning for OSPF
Steps to Configure Basic OSPF
Configuring OSPF for Multiple Areas
OSPF Router ID
Configuration of Loopback Interfaces
Setting OSPF Router ID
OSPF Router ID Verification
Steps to Verify Basic OSPF
Example: The show ip ospf Command
Example: The show ip ospf interface Command
Example: The show ip ospf neighbor Command
Example: The show ip route ospf Command
Example: The show ip protocols Command
LSA Types
LSA Type 1: Router LSA
LSA Type 2: Network LSA
LSA Type 3: Summary LSA
LSA Type 4: ASBR Summary LSA
LSA Type 5: External LSA
LSA Type 7: NSSA External LSA
Example of Different LSAs
OSPF LSDB: Intra-Area Routing
OSPF LSDB: Intra-Area Routing (Cont.)
OSPF LSDB: Interarea Routing
OSPF LSDB: Interarea Routing (Cont.)
OSPF LSDB: External Routes
OSPF LSDB: External Routes (Cont.)
OSPF LSDB: NSSA
OSPF LSDB: NSSA (Cont.)
OSPF LSDB: Virtual Link
OSPF LSDB: Virtual Link (Cont.)
The show ip route Command
Interpreting the Routing Table: Types of Routes
Calculating Costs for E1 and E2 Routes
OSPF LSDB: Overload Protection
OSPF Passive Interface
Design Limitations of OSPF
Virtual Links as a Solution
No Direct Physical Connection to Area 0
Discontiguous Area 0
OSPF Virtual Link Configuration
Virtual Link Verification
Virtual Link Verification in OSPF LSDB
OSPF Cost
Changing The Default OSPF Cost
Demo - OSPF LSA Types
Summary
Lesson: Configuring and Verifying OSPF Route Summarization
Summarization
Benefits of Route Summarization
Interarea Route Summarization
Using Route Summarization
Configure Interarea Route Summarization
Route Summarization Configuration Example at the ABR
External Route Summarization
Configure External Route Summarization
Route Summarization Configuration Example at ASBR
Default Routes in OSPF
Configure OSPF Default Route
Default Route Configuration Example
Summary
Lesson: Configuring and Verifying OSPF Special Area Types
OSPF Area Types and Structures
Types of Areas
OSPF Router and LSA Types
Stub and Totally Stub Area Rules
OSPF Stub Areas
Stub Area Configuration
OSPF Stub Area Configuration Example
OSPF Totally Stubby Areas
Totally Stubby Area Configuration
Totally Stubby Configuration Example
Routing Table in a Normal Area
Routing Table in a Stub Area
Routing Table in a Stub Area with Summarization
Routing Table in a Totally Stubby Area
OSPF Not-So-Stubby Areas (NSSAs)
OSPF Totally NSSA Areas
Totally NSSA Area Configuration
NSSA Configuration Example
Totally NSSA Configuration Example
Example of Different Areas
show Commands for Stub and NSSA
Demo - OSPF Stub Areas
Summary
Lesson: Configuring and Verifying OSPF Authentication
OSPF Authentication Types
Configure Simple Password Authentication for OSPF
Simple Password Authentication Configuration Example
Simple Password Authentication Configuration for Virtual Links
Verifying Simple Password Authentication
Configure OSPF MD5 Authentication
OSPF MD5 Authentication Configuration Example
Verifying MD5 Authentication
Authentication Verification
Successful Simple Password Authentication Verification
Troubleshooting Simple Password Authentication Problems
Successful MD5 Authentication Verification
Troubleshooting MD5 Authentication Problems
Summary
Module 3 Review
Module 4 - Implement an IPv4-Based Redistribution Solution
Lesson: Assessing Network Routing Performance and Security Issues
Common Factors Affecting Network Performance
Routing Updates
Filtering Routing Updates
Running Multiple Routing Protocols
Controlling Routing Updates
Using Route Filters
Controlling Routing Update Traffic Using Distribute Lists
Steps to Configure Distribute List Filters
Configuring a Distribute List Filter
Filtering Routing Updates with a Distribute List
Demo - Route Filtering
Controlling Redistribution with Distribute Lists
IP Prefix Filters
Controlling Redistribution with Prefix Lists
Prefix List Matching Rules
Prefix List Matching Without ge or le
Prefix List Matching With ge or le
Configuring Prefix Lists Examples
Configuring Prefix Lists Examples (Cont.)
Route Maps
Route Map Applications
Route Map Operation
Route Map Operation (Cont.)
Steps to Configure A Route Map
Configuring A Route Map
Attaching a Route Map to an Interface
Steps to Configure Redistribution with Route Maps
Route Map Redistribution Commands
Route Maps and Redistribution Commands Example
Filtering Routing Updates
Passive Interface
Using the passive-interface Command
Summary
Lesson: Operating a Network Using Multiple IP Routing Protocols
Complex Routing Scenarios
Using Multiple Routing Protocols
Using Multiple IP Routing Protocols
Redistribution
Redistribution Route Information
Using Seed Metrics
Default Seed Metrics
Redistribution with Seed Metric
One-Point Redistribution
Demo - One-Point Redistribution
One-Way and Two-Way Multipoint Redistribution
Redistribution Techniques
Redistribution Implementation Considerations
One-Way Redistribution Issue
One-Way Multipoint Redistribution Issue
Two-Way Multipoint Redistribution Issue
Summary
Lesson: Configuring and Verifying Route Redistribution
Redistribution Supports All Protocols
Steps to Configure Redistribution into RIP
Redistributing into RIP
Steps to Configure Redistribution into OSPF
Redistributing into OSPF
Steps to Configure Redistribution into EIGRP
Default Metric
Redistributing into EIGRP
Example: Redistributing into OSPF - Before Redistribution
Example: Configuring Redistribution at Router R2
Example: Routing Tables After Summarizing Routes and Redistributions
Administrative Distance
Administrative Distance Example
Steps to Configure Redistribution Using Administrative Distance
Modifying Administrative Distance
Modifying Administrative Distance (Cont.)
Example: Redistribution Using Administrative Distance
Example: Redistribution Using Administrative Distance (Cont.)
Redistribution to Prevent Routing Loops
Solution With Route Tagging
Redistribution With Tagging Verification
Redistribution With Tagging Verification (Cont.)
Summary
Module 4 Review
Module 5 - Implementing Path Control
Lesson: Assessing Path Control Network Performance Issues
Assessing Path Control Network Performance
Path Selection Process Using Filters
Path Control Tools: Offset List
Path Control Tools: Offset List (Cont.)
Path Control Tools: Cisco IOS IP Service Level Agreement
Cisco IOS IP SLA Example
Cisco IOS IP SLA Example (Cont.)
Policy-Based Routing
Policy-Based Routing Benefits
Steps to Implement Path Control
Requirements for Policy Based Routing
Steps to Configure and Verify Policy-Based Routing
Matching the Traffic
Policy Routing set Commands
Policy Routing set Commands (Cont.)
Apply Route Maps for PBR
Demo - Policy Based Routing
Enable Fast-Switched PBR or PBR Switched by Cisco Express Forwarding
Verifying Policy-Based Routing
Verifying Policy-Based Routing (Cont.)
Example: PBR Equal Access
Example: PBR Equal Access (Cont.)
Verifying Policy-Based Routing: Examples
Verifying Policy-Based Routing: Examples (Cont.)
Summary
Module 5 Review
Module 6 - Connecting an Enterprise Network to an ISP Network
Lesson: Planning the Enterprise-to-ISP Connection
Session Origin Initiation
Enterprise Network-to-ISP Connectivity Requirements
Reachability
Using Circuit Emulation
Using Static Routes
Using MPLS VPN
Using BGP
Enterprise Network-to-ISP Connection Options
Single-homed ISP Connectivity
Dual-homed ISP Connectivity
Multihomed ISP Connectivity
Dual-multihomed ISP Connectivity
Summary
Lesson: Considering the Advantages of Using BGP
BGP Terminology
Multihoming Options
Default Routes from Providers
Default Routes from Providers (Cont.)
Default Routes and Partial Table from Providers
Default Routes and Partial Table from Providers (Cont.)
Full Internet Routing from Providers
Autonomous System
BGP Routing Between Autonomous Systems
Path Vector Functionality
BGP Routing Policies
Features of BGP
When to Use BGP
BGP Databases
BGP Message Types
Summary
Lesson: Comparing the Functions and Uses of EBGP and IBGP
BGP Neighbors
External BGP Neighbors
Requirements for EBGP
Internal BGP Neighbors
Summary
Lesson: Configuring and Verifying Basic BGP Operations
Planning for BGP
Requirements for Basic BGP Configuration
Steps to Configure Basic EBGP
Define BGP Process and Activate EBGP Session
Advertise Networks
BGP network Command Details
Basic EBGP Configuration
Basic IBGP and EBGP Configuration in the Customer A Network
Demo - Basic BGP Configuration
Shutting Down a BGP Neighbor
IBGP Peering Issue
BGP Issues with Source IP Address
IBGP Using Loopback Addresses
Demo - Internal BGP
IBGP Next-Hop Behavior
BGP neighbor next-hop-self Command
Demo - next-hop-self
BGP States
BGP Established and Idle States
Example: show ip bgp neighbors Command
BGP Active State Verification
Example: BGP Active State Verification
Example: BGP Peering
BGP Neighbor Authentication
Example: BGP Neighbor Authentication
Example: BGP Configuration
Example: show ip bgp Command
Example: show ip bgp rib-failure Command
Clearing the BGP Session
Hard Reset of BGP Sessions
Soft Reset Outbound
Inbound Soft Reset
Route Refresh: Dynamic Inbound Soft Reset
Monitoring Soft Reconfiguration
debug ip bgp updates Command
Summary
Lesson: BGP Attributes and Path Selection Process
BGP Path Selection
Routing Table Manager
Route Selection Decision Process
Weight Attribute
Set Weight with Route Map
Using Route Maps for Path Selection
Set Weight with Route Map Example
Local Preference Attribute
Set Local Preference with Route Map
Set Local Preference with Route Map (Cont.)
Set AS Path with Route Map
Set AS Path with Route Map (Cont.)
MED Attribute
Set MED with Route Map
Route Map for Router R1
Route Map for Router R2
Demo - Routing Policy
Steps to Configure BGP Route Filtering Using IP Prefix Lists
Configuring Filtering of BGP Routing Updates
Verify Filtering of BGP Routing Updates
Steps to Configure Route Filtering with a Route Map
Using Route Maps for Filtering Routing Updates
Using Route Maps as BGP Filters
Filtering Routing Updates
Summary
Module 6 Review
Course Closure