Muutke küpsiste eelistusi

Cisco Software-Defined Wide Area Networks: Designing, Deploying and Securing Your Next Generation WAN with Cisco SD-WAN [Multiple-component retail product]

4.25/5 (8 hinnangut Goodreads-ist)
, , ,
  • Formaat: Multiple-component retail product, 608 pages, kõrgus x laius x paksus: 231x185x36 mm, kaal: 920 g, Contains 1 Paperback / softback and 1 Digital product license key
  • Sari: Networking Technology
  • Ilmumisaeg: 11-Jan-2021
  • Kirjastus: Cisco Press
  • ISBN-10: 0136533175
  • ISBN-13: 9780136533177
Teised raamatud teemal:
Cisco Software-Defined Wide Area Networks: Designing, Deploying and Securing Your Next Generation WAN with Cisco SD-WANSuurem pilt
  • Formaat: Multiple-component retail product, 608 pages, kõrgus x laius x paksus: 231x185x36 mm, kaal: 920 g, Contains 1 Paperback / softback and 1 Digital product license key
  • Sari: Networking Technology
  • Ilmumisaeg: 11-Jan-2021
  • Kirjastus: Cisco Press
  • ISBN-10: 0136533175
  • ISBN-13: 9780136533177
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9780136533177.html
Märksõnad:
Cisco Software-Defined Wide-Area Networks from Cisco Press will help you learn, prepare, and practice for exam success. This study guide is built with the objective of providing assessment, review, and practice to help ensure you are prepared for your certification exam.

Cisco Software-Defined Wide-Area Networks presents you with an organized test preparation routine using proven series elements and techniques. Key Topic tables help you drill on key concepts you must know thoroughly. Chapter-ending Review Questions help you to review what you learned in the chapter.









Master Implementing Cisco SD-WAN Solutions (ENSDWI 300-415) exam topics Assess your knowledge with chapter-ending review questions Review key terms Practice with realistic exam questions in the practice test software





Cisco Software-Defined Wide-Area Networks enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Four leading Cisco technology experts share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.

This study package includes









A test-preparation routine proven to help you pass the exams Chapter-ending Key Topic tables, which help you drill on key concepts you must know thoroughly Chapter-ending Review Questions, to review what you learned in the chapter The powerful Pearson Test Prep Practice Test software, with two full exams comprised of well-reviewed, exam-realistic questions, customization options, and detailed performance reports An online, interactive Flash Cards application to help you drill on Key Terms by chapter





Well regarded for its level of detail, study plans, assessment features, and review questions, this study guide helps you master the concepts and techniques that ensure your exam success.

This study guide helps you master the topics on the Implementing Cisco SD-WAN Solutions (ENSDWI 300-415) exam, including









Architecture Controller Deployment Router Deployment Policies Security and Quality of Service Management and Operations





Companion Website:

The companion website contains the Pearson Test Prep practice test software with two full exams for the CCNP Enterprise SD-WAN exam ENSDWI 300-415 and Key Terms flash cards.

Includes Exclusive Offers for Up to 70% Off Practice Tests, and more

Pearson Test Prep online system requirements:

Browsers: Chrome version 73 and above; Safari version 12 and above; Microsoft Edge 44 and above.

Devices: Desktop and laptop computers, tablets running on Android v8.0 and iOS v13, smartphones with a minimum screen size of 4.7". Internet access required.

Pearson Test Prep offline system requirements:

Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases

Also available from Cisco Press for Cisco Certified DevNet Associate study is the Cisco Software-Defined Wide-Area Networks Premium Edition eBook and Practic Test. This digital-only certification preparation product combines an eBook with enhanced Pearson Test Prep Practice Test.

This integrated learning package:









Allows you to focus on individual topic areas or take complete, timed exams Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions Provides unique sets of exam-realistic practice questions Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most
Introduction xix
Chapter 1 Introduction To Cisco Software-Defined Wide Area Networking (Sd-Wan)
1(24)
Networks of Today
1(3)
Common Business and IT Trends
4(1)
Common Desired Benefits
5(2)
High-Level Design Considerations
7(2)
Introduction to Cisco Software-Defined WAN (SD-WAN)
9(4)
Transport Independence
10(2)
Rethinking the WAN
12(1)
Use Cases Demanding Changes in the WAN
13(4)
Bandwidth Aggregation and Application Load-Balancing
13(1)
Protecting Critical Applications with SLAs
14(1)
End-to-End Segmentation
15(1)
Direct Internet Access
15(1)
Fully Managed Network Solution
16(1)
Building an ROI to Identify Cost Savings
17(1)
Introduction to Multidomain
18(3)
Cloud Trends and Adoption
19(2)
Summary
21(1)
Review All Key Topics
22(1)
Key Terms
22(1)
Chapter Review Questions
22(3)
Chapter 2 Cisco Sd-Wan Components
25(18)
Data Plane
27(5)
Management Plane
32(2)
Control Plane
34(2)
Orchestration Plane
36(2)
Multi-Tenancy Options
38(1)
Deployment Options
38(1)
Summary
39(1)
Review All Key Topics
39(1)
Key Terms
40(1)
Chapter Review Questions
40(2)
References
42(1)
Chapter 3 Control Plane And Data Plane Operations
43(48)
Control Plane Operations
44(21)
Overlay Management Protocol
47(1)
OMP Routes
48(4)
TLOC Routes
52(2)
Service Routes
54(2)
Path Selection
56(2)
OMP Route Redistribution and Loop Prevention
58(7)
Data Plane Operations
65(23)
TLOC Colors
66(4)
Tunnel Groups
70(3)
Network Address Translation
73(1)
Full Cone NAT
74(1)
Symmetric NAT
75(1)
Address Restricted Cone NAT
76(1)
Port Restricted Cone NAT
77(4)
Network Segmentation
81(2)
Data Plane Encryption
83(3)
Data Plane Encryption with Pairwise
86(2)
Summary
88(1)
Review All Key Topics
88(1)
Key Terms
89(1)
Chapter Review Questions
89(1)
References
90(1)
Chapter 4 Onboarding And Provisioning
91(18)
Configuration Templates
93(4)
Developing and Deploying Templates
97(4)
Onboarding Devices
101(4)
Manual Bootstrapping of a WAN Edge
102(1)
Automatic Provisioning with PNP or ZTP
103(2)
Summary
105(1)
Review All Key Topics
106(1)
Chapter Review Questions
106(1)
References
107(2)
Chapter 5 Introduction To Cisco Sd-Wan Policies
109(24)
Purpose of Cisco SD-WAN Policies
109(1)
Types of Cisco SD-WAN Policies
110(5)
Centralized Policy
110(1)
Centralized Policies That Affect the Control Plane
111(1)
Centralized Policies That Affect the Data Plane
112(1)
Localized Policy
112(1)
Policy Domains
113(2)
Cisco SD-WAN Policy Construction
115(7)
Types of Lists
118(1)
Policy Definition
119(3)
Cisco SD-WAN Policy Administration, Activation, and Enforcement
122(5)
Building a Centralized Policy
122(3)
Activating a Centralized Policy
125(2)
Packet Forwarding Order of Operations
127(1)
Summary
128(1)
Review All Key Topics
129(1)
Define Key Terms
129(1)
Chapter Review Questions
129(4)
Chapter 6 Centralized Control Policies
133(94)
Centralized Control Policy Overview
134(2)
Use Case 1 Isolating Remote Branches from Each Other
136(13)
Use Case 1 Review
149(1)
Use Case 2 Enabling Branch-to-Branch Communication Through Data Centers
149(20)
Enabling Branch-to-Branch Communication with Summarization
150(2)
Enabling Branch-to-Branch Communication with TLOC Lists
152(16)
Use Case 2 Review
168(1)
Use Case 3 Traffic Engineering at Sites with Multiple Routers
169(11)
Setting TLOC Preference with Centralized Policy
171(6)
Setting TLOC Preference with Device Templates
177(2)
Use Case 3 Review
179(1)
Use Case 4 Preferring Regional Data Centers for Internet Access
180(8)
Use Case 4 Review
188(1)
Use Case 5 Regional Mesh Networks
188(7)
Use Case 5 Review
195(1)
Use Case 6 Enforcing Security Perimeters with Service Insertion
195(7)
Use Case 6 Review
202(1)
Use Case 7 Isolating Guest Users from the Corporate WAN
202(4)
Use Case 7 Review
206(1)
Use Case 8 Creating Different Network Topologies per Segment
206(5)
Use Case 8 Review
210(1)
Use Case 9 Creating Extranets and Access to Shared Services
211(12)
Use Case 9 Review
222(1)
Summary
223(1)
Review All Key Topics
223(1)
Define Key Terms
224(1)
Chapter Review Questions
224(2)
Reference
226(1)
Chapter 7 Centralized Data Policies
227(58)
Centralized Data Policy Overview
228(1)
Centralized Data Policy Use Cases
228(52)
Use Case 10 Direct Internet Access for Guest Users
230(12)
Use Case 10 Review
242(1)
Use Case 11 Direct Cloud Access for Trusted Applications
243(10)
Use Case 11 Review
253(1)
Use Case 12 Application-Based Traffic Engineering
253(7)
Use Case 12 Review
260(1)
Use Case 13 Protecting Corporate Users with a Cloud-Delivered Firewall
261(8)
Use Case 13 Review
269(1)
Use Case 14 Protecting Applications from Packet Loss
269(1)
Forward Error Correction for Audio and Video
270(4)
Packet Duplication for Credit Card Transactions
274(6)
Use Case 14 Review
280(1)
Summary
280(1)
Review All Key Topics
281(1)
Define Key Terms
282(1)
Chapter Review Questions
282(2)
References
284(1)
Chapter 8 Application-Aware Routing Policies
285(34)
The Business Imperative for Application-Aware Routing
286(1)
The Mechanics of an App-Route Policy
286(1)
Constructing an App-Route Policy
287(7)
Monitoring Tunnel Performance
294(10)
Liveliness Detection
295(1)
Hello Interval
295(2)
Multiplier
297(1)
Path Quality Monitoring
298(1)
App-Route Poll Interval
298(2)
App-Route Multiplier
300(4)
Mapping Traffic Flows to a Transport Tunnel
304(11)
Packet Forwarding with Application-Aware Routing Policies
304(1)
Traditional Lookup in the Routing Table
305(1)
SLA Class Action
306(9)
Summary
315(1)
Review All Key Topics
316(1)
Define Key Terms
316(1)
Chapter Review Questions
316(3)
Chapter 9 Localized Policies
319(30)
Introduction to Localized Policies
319(1)
Localized Control Policies
320(14)
Localized Data Policies
334(4)
Quality of Service Policies
338(8)
Step 1 Assign Traffic to Forwarding Classes
339(2)
Step 2 Map Forwarding Classes to Hardware Queues
341(1)
Step 3 Configure the Scheduling Parameters for Each Queue
341(1)
Step 4 Map All of the Schedulers Together into a Single QoS Map
342(1)
Step 5 Configure the Interface with the QoS Map
343(3)
Summary
346(1)
Review All Key Topics
347(1)
Chapter Review Questions
347(2)
Chapter 10 Cisco Sd-Wan Security
349(44)
Cisco SD-WAN Security: Why and What
349(3)
Application-Aware Enterprise Firewall
352(8)
Intrusion Detection and Prevention
360(7)
URL Filtering
367(5)
Advanced Malware Protection and Threat Grid
372(5)
DNS Web Layer Security
377(4)
Cloud Security
381(3)
Manage Authentication and Authorization
384(5)
Local Authentication with Role-Based Access Control (RBAC)
384(3)
Remote Authentication with Role-Based Access Control (RBAC)
387(2)
Summary
389(1)
Review All Key Topics
389(1)
Define Key Terms
389(1)
Chapter Review Questions
389(4)
Chapter 11 Cisco Sd-Wan Cloud Onramp
393(66)
Cisco SD-WAN Cloud onRamp
393(1)
Cloud onRamp for SaaS
394(18)
Cloud onRamp for IaaS
412(17)
Cloud onRamp for Colocation
429(26)
Why Colocation?
432(1)
How It Works
432(2)
Service Chaining for a Single Service Node
434(2)
Service Chaining for Multiple Service Nodes
436(1)
Service Chaining and the Public Cloud
436(2)
Infrastructure as a Service
438(1)
Software as a Service
438(2)
Redundancy and High Availability
440(1)
Service Chain Design Best Practices
440(2)
Configuration and Management
442(1)
Cluster Creation
442(7)
Image Repository
449(1)
Service Chain Creation
449(5)
Monitoring
454(1)
Summary
455(1)
Review All Key Topics
456(1)
Define Key Terms
456(1)
Chapter Review Questions
456(3)
Chapter 12 Cisco Sd-Wan Design And Migration
459(34)
Cisco SD-WAN Design Methodology
459(1)
Cisco SD-WAN Migration Preparation
460(2)
Cisco SD-WAN Data Center Design
462(7)
Transport-Side Connectivity
463(2)
Loopback TLOC Design
465(1)
Service-Side Connectivity
466(3)
Cisco SD-WAN Branch Design
469(11)
Complete CE Replacement--Single Cisco SD-WAN Edge
470(1)
Complete CE Replacement--Dual Cisco SD-WAN Edge
471(4)
Integration with Existing CE Router
475(1)
Integration with a Branch Firewall
476(2)
Integration with Voice Services
478(2)
Cisco SD-WAN Overlay and Underlay Integration
480(10)
Overlay Only
480(1)
Overlay with Underlay Backup
481(4)
Full Overlay and Underlay Integration
485(5)
Summary
490(1)
Review All Key Topics
490(1)
Chapter Review Questions
490(3)
Chapter 13 Provisioning Cisco Sd-Wan Controllers In A Private Cloud
493(34)
SD-WAN Controller Functionality Recap
493(3)
Certificates
496(5)
vManage Controller Deployment
501(12)
Step 1 Deploy vManage Virtual Appliance on VMware ESXi or KVM
503(3)
Step 2 Bootstrap and Configure vManage Controller
506(1)
Step 3/4 Set Organization Name and vBond Address in vManage; Install Root CA Certificate
506(5)
Step 5 Generate, Sign, and Install Certificate onto vManage Controller
511(2)
vBond Controller Deployment
513(5)
Step 1/2/3 Deploy vBond Virtual Machine on VMware ESXi; Bootstrap and Configure vBond Controller; Manually Install Root CA Certificate onvBond
514(2)
Step 4/5 Add vBond Controller to vManage; Generate, Sign, and Install Certificate onto vBond Controller
516(2)
vSmart Controller Deployment
518(5)
Step 1/2/3 Deploy vSmart Virtual Machine from Downloaded OVA; Bootstrap and Configure vSmart Controller; Manually Install Root CA Certificate on vSmart
519(1)
Step 4/5 Add vSmart Controller to vManage; Generate, Sign, and Install Certificate onto vSmart Controller
520(3)
Summary
523(1)
Review All Key Topics
524(1)
Define Key Terms
524(1)
Chapter Review Questions
524(2)
References
526(1)
Appendix A Answers to
Chapter Review Questions		 527(12)
Appendix B Example 7-17 539(14)
Glossary of Key Terms 553(4)
Index 557
Jason Gooley, CCIE No. 38759 (RS and SP), is a very enthusiastic and spontaneous person who has more than 25 years of experience in the industry. Currently, Jason works as a Technical Evangelist for the Worldwide Enterprise Networking Sales team at Cisco Systems. Jason is very passionate about helping others in the industry succeed. In addition to being a Cisco Press author, Jason is a distinguished speaker at Cisco Live, contributes to the development of the Cisco CCIE and DevNet exams, provides training for Learning@Cisco, is an active CCIE mentor, is a committee member for the Cisco Continuing Education Program (CE), and is a program committee member of the Chicago Network Operators Group (CHI-NOG), www.chinog.org. Jason also hosts a show called MetalDevOps.

Dana Yanch, CCIE No. 25567 (RS,DC) CCDE No. 20130071, at the time of writing content for this book was a Global Technical Solutions Architect at Cisco focused on designing and deploying SD-WAN solutions for large enterprises around the world. Prior to spending the last six years working with Viptela and other SD-WAN technologies, Dana had a focus on fabric-based data center technologies. Dana has presented at several Cisco Live Events worldwide and has a passion for public speaking and mentorship. Dana can now be found at Aviatrix, the multi-cloud networking platform, designing cloud connectivity architectures every single day.

Dustin Schuemann, CCIE No. 59235 (R&S), is a Technical Solutions Architect at Cisco Systems. Within the Demo CoE organization, Dustin is a subject matter expert on all things SD-WAN, including development of SD-WAN demo offerings and CPOC labs for some of Ciscos largest customers. He has been a distinguished speaker at Cisco Live multiple times, where he has presented on multiple topics around Cisco SD-WAN. Dustin has more than 17 years of experience in the network engineering field, and before Cisco he was a network architect for multiple firms within the manufacturing and financial industries. He is very passionate about giving back to the IT community and helping to mentor other network engineers. Dustin currently resides in Raleigh, North Carolina.

John Curran is a Technical Solutions Architect with Ciscos Global Virtual Engineering team, where he assists customers and partners with the design of their next-generation networks. John is a subject matter expert in routing and SD-WAN and is excited to spend time teaching and training on these topics. John presents regularly at Cisco Live events around the world and has been repeatedly recognized as a Distinguished Speaker. In his prior role at Cisco, John worked as a Network Consulting Engineer for Ciscos Advanced Services team, supporting government and education customers. John holds a Bachelor of Science degree in Computer Engineering Technology from the University of Cincinnati.