Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide: CCDP ARCH 300-320

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition


·         Learn about the Cisco modular enterprise architecture

·         Create highly available enterprise network designs

·         Develop optimum Layer 3 designs

·         Examine advanced WAN services design considerations

·         Evaluate data center design considerations

·         Design effective modern WAN and data center designs

·         Develop effective migration approaches to IPv6

·         Design resilient IP multicast networks

·         Create effective network security designs


Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide , Fourth Edition, is a Cisco-authorized, self-paced learning tool for CCDP foundation learning. This book provides you with the knowledge needed to perform the conceptual, intermediate, and detailed design of a network infrastructure that supports desired network solutions over intelligent network services to achieve effective performance, scalability, and availability. This book presents concepts and examples necessary to design converged enterprise networks. You learn additional aspects of modular campus design, advanced routing designs, WAN service designs, enterprise data center design, IP multicast design, and security design. Advanced and modern network infrastructure solutions, such as virtual private networks (VPN), Cisco Intelligent WAN (IWAN), and Cisco Application-Centric Infrastructure (ACI), are also covered.


Chapter-ending review questions illustrate and help solidify the concepts presented in the book.


Whether you are preparing for CCDP certification or CCDE certification, or simply want to gain a better understanding of designing scalable and reliable network architectures, you will benefit from the foundation information presented in this book.


Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition, is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit https://learningnetwork.cisco.com.


Category: Cisco Certification

Covers: CCDP ARCH 300-320

 

 

1301572521
Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide: CCDP ARCH 300-320

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition


·         Learn about the Cisco modular enterprise architecture

·         Create highly available enterprise network designs

·         Develop optimum Layer 3 designs

·         Examine advanced WAN services design considerations

·         Evaluate data center design considerations

·         Design effective modern WAN and data center designs

·         Develop effective migration approaches to IPv6

·         Design resilient IP multicast networks

·         Create effective network security designs


Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide , Fourth Edition, is a Cisco-authorized, self-paced learning tool for CCDP foundation learning. This book provides you with the knowledge needed to perform the conceptual, intermediate, and detailed design of a network infrastructure that supports desired network solutions over intelligent network services to achieve effective performance, scalability, and availability. This book presents concepts and examples necessary to design converged enterprise networks. You learn additional aspects of modular campus design, advanced routing designs, WAN service designs, enterprise data center design, IP multicast design, and security design. Advanced and modern network infrastructure solutions, such as virtual private networks (VPN), Cisco Intelligent WAN (IWAN), and Cisco Application-Centric Infrastructure (ACI), are also covered.


Chapter-ending review questions illustrate and help solidify the concepts presented in the book.


Whether you are preparing for CCDP certification or CCDE certification, or simply want to gain a better understanding of designing scalable and reliable network architectures, you will benefit from the foundation information presented in this book.


Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition, is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit https://learningnetwork.cisco.com.


Category: Cisco Certification

Covers: CCDP ARCH 300-320

 

 

59.99 In Stock
Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide: CCDP ARCH 300-320

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide: CCDP ARCH 300-320

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide: CCDP ARCH 300-320

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide: CCDP ARCH 300-320

eBook

$59.99  $63.99 Save 6% Current price is $59.99, Original price is $63.99. You Save 6%.

Available on Compatible NOOK devices, the free NOOK App and in My Digital Library.
WANT A NOOK?  Explore Now

Related collections and offers


Overview

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition


·         Learn about the Cisco modular enterprise architecture

·         Create highly available enterprise network designs

·         Develop optimum Layer 3 designs

·         Examine advanced WAN services design considerations

·         Evaluate data center design considerations

·         Design effective modern WAN and data center designs

·         Develop effective migration approaches to IPv6

·         Design resilient IP multicast networks

·         Create effective network security designs


Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide , Fourth Edition, is a Cisco-authorized, self-paced learning tool for CCDP foundation learning. This book provides you with the knowledge needed to perform the conceptual, intermediate, and detailed design of a network infrastructure that supports desired network solutions over intelligent network services to achieve effective performance, scalability, and availability. This book presents concepts and examples necessary to design converged enterprise networks. You learn additional aspects of modular campus design, advanced routing designs, WAN service designs, enterprise data center design, IP multicast design, and security design. Advanced and modern network infrastructure solutions, such as virtual private networks (VPN), Cisco Intelligent WAN (IWAN), and Cisco Application-Centric Infrastructure (ACI), are also covered.


Chapter-ending review questions illustrate and help solidify the concepts presented in the book.


Whether you are preparing for CCDP certification or CCDE certification, or simply want to gain a better understanding of designing scalable and reliable network architectures, you will benefit from the foundation information presented in this book.


Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition, is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit https://learningnetwork.cisco.com.


Category: Cisco Certification

Covers: CCDP ARCH 300-320

 

 


Product Details

ISBN-13: 9780134426037
Publisher: Pearson Education
Publication date: 12/27/2016
Series: Foundation Learning Guides
Sold by: Barnes & Noble
Format: eBook
Pages: 944
File size: 67 MB
Note: This product may take a few minutes to download.

About the Author

Marwan Al-shawi, CCDE No. 20130066, is a Cisco Press author whose titles include the top Cisco certification design books CCDE Study Guide and Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition. He also is an experienced technical architect. Marwan has been in the networking industry for more than 12 years and has been involved in architecting, designing, and implementing various large-scale networks, some of which are global service provider—grade networks. Marwan holds a Master of Science degree in internetworking from the University of Technology, Sydney. He enjoys helping and assessing network designs and architectures; therefore, he was selected as a Cisco Designated VIP by the Cisco Support Community (CSC) (official Cisco Systems forums) in 2012 and by the Solutions and Architectures subcommunity in 2014. In addition, Marwan was selected as a member of the Cisco Champions program in 2015 and 2016. In his spare time, Marwan provides CCDP- and CCDE-related training and blogs at netdesignarena.com.


André Laurent, 3xCCIE No. 21840, CCDE No. 20120024, is the worldwide director of engineering for enterprise networking sales at Cisco Systems and a Cisco Press author. Outside his own personal development, André has an equal passion for helping others develop their systems and assisting them with the certification process. André is recognized in the industry as a subject matter expert in the areas of routing, switching, security, and design. Although he wears a Cisco badge, André takes a neutral approach in helping clients establish a long-term business and technology vision covering necessary strategy, execution, and metrics for measuring impact.

Table of Contents

Introduction

Part I Designing Reliable and Resilient Enterprise Layer 2 and Layer 3 Networks

Chapter 1 Optimal Enterprise Campus Design

Enterprise Campus Design Principles

Hierarchy

    Access Layer

    Distribution Layer

    Core Layer

    Enterprise Campus Two-Tier Layer Model

    Enterprise Campus Three-Tier Layer Model

Modularity

    Modular Enterprise Campus Architecture and Modular Enterprise Campus with OSPF

    Access-Distribution Block

Flexibility

    Campus Network Virtualization

    Campus Network Virtualization Technologies and Techniques

        VLAN Assignment

        Virtual Routing and Forwarding

        Path Isolation Techniques

Resiliency

    Enterprise Campus High-Availability Design Considerations

    VLANs, Trunking, and Link Aggregation Design Recommendations

        VLAN Design

        Trunking

        Link Aggregation

    First-Hop Redundancy Protocol (FHRP)

        IP Gateway Redundancy Optimization with VSS

    Layer 2 to Layer 3 Boundary Design Options and Considerations

        Distribution-to-Distribution Link Design Considerations

        A Summary of Enterprise Campus HA Designs

Summary

Review Questions

References

Chapter 2 EIGRP Design

Scalable EIGRP Design Overview

EIGRP with Multiple Autonomous Systems

    EIGRP Queries

    Multiple EIGRP Autonomous System Drivers

EIGRP Multilayer Architectures

    EIGRP Two-Layer Hierarchy Architecture

    EIGRP Three-Layer Hierarchy Architecture

EIGRP Hub-and-Spoke Design

    Summarization Challenges

        Route Summarization Black Holes

        Route Summarization and Suboptimal Routing

    EIGRP Hub-and-Spoke Scalability Optimization

        EIGRP Stub Leaking

    EIGRP DMVPN Scaling

EIGRP Fast Convergence Design Considerations

    Bidirectional Forwarding Detection

EIGRP Graceful Restart/NSF Considerations

Summary

Review Questions

Chapter 3 OSPF Design

OSPF Scalability Design Considerations

    Adjacent Neighbors

    Routing Information in the Area and the Routed Domain

    Numbers of Routers in an Area

    Number of Areas per ABR

OSPF Area Design Considerations

    OSPF Hierarchy

    Area and Domain Summarization

OSPF Full-Mesh Design

OSPF Hub-and-Spoke Design

    OSPF ABR Placement in Hub-and-Spoke Design

    Number of Areas in OSPF Hub-and-Spoke Design

    OSPF Network Types in Hub-and-Spoke Design

OSPF Convergence Design Considerations and Optimization Techniques

    Event Detection

    OSPF Event Propagation

    OSPF Event Processing

    OSPF Flooding Reduction

    OSPF Database Overload Protection

Summary

Review Questions

Chapter 4 IS-IS Design

Protocol Overview

    IS-IS Characteristics

    Integrated IS-IS Routing

IS-IS Hierarchical Architecture Overview

    IS-IS Router and Link Types

    IS-IS Adjacencies

IS-IS Versus OSPF

    Similarities Between IS-IS and OSPF

    OSPF and IS-IS Characteristics

    Integrated IS-IS and OSPF Area Designs

        OSPF Area Design

        Integrated IS-IS Area Design

IS-IS Technical Deep Dive

    IS-IS Addressing

        IS-IS Packets

        IS-IS Information Data Flow

        IS-IS Network Types

        IS-IS Protocol Operations

        Level 1 and Level 2 LSPs and IIHs

    IS-IS Link-State Packets Flooding

    IS-IS LSDB Synchronization

IS-IS Design Considerations

    IS-IS Routing Logic Overview

        Advanced IS-IS Routing

    Route Leaking

    Asymmetric Versus Symmetric IS-IS Routing

    IS-IS Routing over NBMA Hub-and-Spoke

    IS-IS Routing over a Full-Mesh Network

    Flat IS-IS Routing Design

    Hierarchal IS-IS Design

    IS-IS Routes Summarization

    Integrated IS-IS for IPv6

        IS-IS Single-Topology Restrictions

        Multitopology IS-IS for IPv6

    Final Thoughts on IS-IS Routing Design

Summary

Review Questions

Chapter 5 Border Gateway Protocol Design

BGP Overview

    BGP Speaker Types

    BGP Loop Prevention and Split-Horizon Rule

    BGP Path Attributes and Path Selection (Review)

        BGP Path Attributes

        How BGP Selects Paths

Designing Scalable iBGP Networks

    iBGP Scalability Limitations

    IBGP Scalability Solutions

        BGP Route Reflectors

        BGP Confederations

        BGP Confederations Versus BGP Route Reflectors

BGP Route Reflector Design

    Route Reflector Split-Horizon Rule

    BGP Route Reflectors Redundancy Design Options and Considerations

        Route Reflector Clusters

        Loop-Prevention Mechanisms

        Congruence of Physical and Logical Networks

        Hierarchical Route Reflector Design

    Route Reflector Potential Network Design Issues

Enhancing the Design of BGP Policies with BGP Communities

    BGP Community Attribute Overview

    Well-Known BGP Communities

    BGP Named Community List

    Planning for the Use of BGP Communities

Case Study: Designing Enterprise wide BGP Policies Using BGP Communities

    Enterprise BGP Policy Requirements

    BGP Community Solution Design

        Solution Detailed Design and Traffic Flow

BGP Load-Sharing Design

    Single-Homing Versus Multihoming

    Dual-Homing and Multihoming Design Considerations

        Single-Homed, Multiple Links

        Dual-Homed to One ISP Using a Single Local Edge Router

        Dual-Homed to One ISP Using Multiple Edge Routers

        Multihoming with Two ISPs Using a Single Local Edge Router

        Multihoming with Two ISPs Using Multiple Local Edge Routers

Summary

Review Questions

Part II Enterprise IPv6 Design Considerations and Challenges

Chapter 6 IPv6 Design Considerations in the Enterprise

IPv6 Deployment and Design Considerations

    Business and Network Discovery Phase

    Assessment Phase

    Planning and Design Phase

    Implementation and Optimization Phases

Considerations for Migration to IPv6 Design

    Acquiring IPv6 Prefixes

        Provider Independent Versus Provider Assigned

    Where to Start the Migration

    Migration Models and Design Considerations

        IPv6 Island

        IPv6 WAN

IPv6 Transition Mechanisms

    Dual Stack

    NAT64 and DNS64

    Manual Tunnels

    Tunnel Brokers

    6 Rapid Deployment

    Dual-Stack Lite (DS-Lite)

    Locator/ID Separation Protocol (LISP)

        LISP Site Edge Devices

        LISP Infrastructure Devices

Final Thoughts on IPv6 Transition Mechanisms

Summary

Review Questions

Chapter 7 Challenges of the Transition to IPv6

IPv6 Services

    Name Services

        Implementation Recommendations

    Addressing Services

        Implementation Recommendations

    Security Services

Link Layer Security Considerations

    Application Support

        Application Adaptation

        Application Workarounds

    Control Plane Security

    Dual-Stack Security Considerations

    Tunneling Security Considerations

    Multihoming

Summary

Review Questions

Part III Modern Enterprise Wide-Area Networks Design

Chapter 8 Service Provider—Managed VPNs

Choosing Your WAN Connection

Layer 3 MPLS VPNs

    MPLS VPN Architecture

    Enterprise Routing Considerations

    Provider Edge (PE) Router Architecture

        Route Distinguishers

        Route Target (RT)

    PE-CE Routing Protocol

        Using EIGRP as the PE-CE Routing Protocol

        Using OSPF as the PE-CE Routing Protocol

        Using BGP as the PE-CE Routing Protocol

Case Study: MPLS VPN Routing Propagation

    Forwarding in MPLS VPN

Layer 2 MPLS VPN Services

    Virtual Private Wire Service (VPWS)

    Virtual Private LAN Service (VPLS)

        VPLS Scalability Considerations

        VPLS Resiliency Considerations

    VPLS Versus VPWS

Summary

Review Questions

Chapter 9 Enterprise-Managed WANs

Enterprise-Managed VPN Overview

GRE Overview

Multipoint GRE Overview

Point-to-Point and Multipoint GRE Comparison

IPsec Overview

    IPsec and GRE

    IPsec and Virtual Tunnel Interface

IPsec and Dynamic VTI

DMVPN Overview

    DMVPN Phase 1

    DMVPN Phase 2

    DMVPN Phase 3

Case Study: EIGRP DMVPN

    EIGRP over DMVPN Phase 1

    EIGRP over DMVPN Phase 2

    EIGRP over DMVPN Phase 3

    DMVPN Phase 1—3 Summary

DMVPN and Redundancy

Case Study: MPLS/VPN over GRE/DMVPN

SSL VPN Overview

FlexVPN Overview

    FlexVPN Architecture

    FlexVPN Capabilities

    FlexVPN Configuration Blocks

GETVPN

Summary

Review Questions

Chapter 10 Enterprise WAN Resiliency Design

WAN Remote-Site Overview

MPLS Layer 3 WAN Design Models

Common Layer 2 WAN Design Models

Common VPN WAN Design Models

3G/4G VPN Design Models

Remote Site Using Local Internet

Remote-Site LAN

Case Study: Redundancy and Connectivity

    ATM WAN Design

    Remote-Site (Branch Office) WAN Design

    Regional Offices WAN Design

    Basic Traffic Engineering Techniques

NGWAN, SDWAN, and IWAN Solution Overview

    Transport-Independent Design

    Intelligent Path Control

    Application Optimization

    Secure Connectivity

    Management

IWAN Design Overview

    IWAN Hybrid Design Model

Cisco PfR Overview

    Cisco PfR Operations

    Cisco IWAN and PfRv3

    Cisco PfRv3 Design and Deployment Considerations

Enterprise WAN and Access Management

    APIC-EM

    Design of APIC-EM

Summary

Review Questions

Part IV Enterprise Data Center Designs

Chapter 11 Multitier Enterprise Data Center Designs

Case Study 1: Small Data Centers (Connecting Servers to an Enterprise LAN)

Case Study 2: Two-Tier Data Center Network Architecture

Case Study 3: Three-Tier Data Center Network Architecture

    Data Center Inter-VLAN Routing

    End of Row Versus Top of Rack Design

    Fabric Extenders

    Data Center High Availability

    Network Interface Controller Teaming

Summary

Review Questions

Chapter 12 New Trends and Techniques to Design Modern Data Centers

The Need for a New Network Architecture

Limitations of Current Networking Technology

Modern Data Center Design Techniques and Architectures

    Spine-Leaf Data Center Design

    Network Overlays

        Cisco Fabric Path

        Virtual Extensible LAN (VXLAN)

    VXLAN Tunnel Endpoint

    Remote VTEP Discovery and Tenant Address Learning

    VXLAN Control-Plane Optimization

    Software-Defined Networking

        How SDN Can Help

        Selection Criteria of SDN Solutions

        SDN Requirements

        SDN Challenges

        Direction of Nontraditional SDN

Multitenant Data Center

    Secure Tenant Separation

        Layer 3 Separation with VRF-Lite

        Device-Level Virtualization and Separation

    Case Study: Multitenant Data Center

    Microsegmentation with Overlay Networks

Summary

Review Questions

References

Chapter 13 Cisco Application-Centric Infrastructure

ACI Characteristics

How the Cisco ACI Addresses Current Networking Limitations

Cisco ACI Architecture Components

    Cisco Application Policy Infrastructure Controller (APIC)

        APIC Approach Within the ACI Architecture

    Cisco ACI Fabric

ACI Network Virtualization Overlays

Application Design Principles with the Cisco ACI Policy Model

    What Is an Endpoint Group in Cisco ACI?

        Design EPGs

    ACI Fabric Access Polices

    Building Blocks of a Tenant in the Cisco ACI

    Crafting Applications Design with the Cisco ACI

    ACI Interaction with External Layer 2 Connections and Networks

        Connecting ACI to the Outside Layer 2 Domain

        ACI Integration with STP-Based Layer LAN

ACI Routing

    First-Hop Layer 3 Default Gateway in ACI

    Border Leaves

    Route Propagation inside the ACI Fabric

    Connecting the ACI Fabric to External Layer 3 Domains

    Integration and Migration to ACI Connectivity Options

Summary

Review Questions

References

Chapter 14 Data Center Connections

Data Center Traffic Flows

    Traffic Flow Directions

    Traffic Flow Types

The Need for DCI

IP Address Mobility

Case Study: Dark Fiber DCI

Pseudowire DCI

    Virtual Private LAN Service DCI

    Customer-Managed Layer 2 DCI Deployment Models

        Any Transport over MPLS over GRE

        Customer-Managed Layer 2 DCI Deployment

        Layer 2 DCI Caveats

        Overlay Transport Virtualization DCI

    Overlay Networking DCI

    Layer 3 DCI

Summary

Review Questions

Part V Design QoS for Optimized User Experience

Chapter 15 QoS Overview

QoS Overview

IntServ versus DiffServ

Classification and Marking

    Classifications and Marking Tools

    Layer 2 Marking: IEEE 802.1Q/p Class of Service

    Layer 3 Marking: IP Type of Service

    Layer 3 Marking: DSCP Per-Hop Behaviors

    Layer 2.5 Marking: MPLS Experimental Bits

    Mapping QoS Markings between OSI Layers

    Layer 7 Classification: NBAR/NBAR2

Policers and Shapers

    Token Bucket Algorithms

Policing Tools: Single-Rate Three-Color Marker

Policing Tools: Two-Rate Three-Color Marker

Queuing Tools

    Tx-Ring

    Fair Queuing

    CBWFQ

Dropping Tools

    DSCP-Based WRED

    IP ECN

Summary

Review Questions

Chapter 16 QoS Design Principles and Best Practices

QoS Overview

Classification and Marking Design Principles

Policing and Remarking Design Principles

Queuing Design Principles

Dropping Design Principles

Per-Hop Behavior Queue Design Principles

RFC 4594 QoS Recommendation

QoS Strategy Models

    4-Class QoS Strategy

    8-Class QoS Strategy

    12-Class QoS Strategy

Summary

Review Questions

Chapter 17 Campus, WAN, and Data Center QoS Design

Campus QoS Overview

    VoIP and Video

    Buffers and Bursts

    Trust States and Boundaries

        Trust States and Boundaries Example

        Dynamic Trust State

    Classification/Marking/Policing QoS Model

    Queuing/Dropping Recommendations

    Link Aggregation “EtherChannel” QoS Design

    Practical Example of Campus QoS Design

WAN QoS Overview

    Platform Performance Considerations

    Latency and Jitter Considerations

    Queuing Considerations

    Shaping Considerations

    Practical Example of WAN and Branch QoS

Data Center QoS Overview

    High-Performance Trading Architecture

    Big Data Architecture

    Case Study: Virtualized Multiservice Architectures

    Data Center Bridging Toolset

    Case Study: DC QoS Application

Summary

Review Questions

Chapter 18 MPLS VPN QoS Design

The Need for QoS in MPLS VPN

Layer 2 Private WAN QoS Administration

Fully Meshed MPLS VPN QoS Administration

MPLS DiffServ Tunneling Modes

    Uniform Tunneling Mode

    Short-Pipe Tunneling Mode

    Pipe Tunneling Mode

Sample MPLS VPN QoS Roles

Summary

Review Questions

Chapter 19 IPsec VPN QoS Design

The Need for QoS in IPsec VPN

VPN Use Cases and Their QoS Models

IPsec Refresher

IOS Encryption and Classification: Order of Operations

MTU Considerations

DMVPN QoS Considerations

GET VPN QoS Considerations

Summary

Review Questions

Part VI IP Multicast Design

Chapter 20 Enterprise IP Multicast Design

How Does IP Multicast Work?

    Multicast Group

    IP Multicast Service Model

    Functions of a Multicast Network

Multicast Protocols

Multicast Forwarding and RPF Check

    Case Study 1: RPF Check Fails and Succeeds

Multicast Protocol Basics

    Multicast Distribution Trees Identification

PIM-SM Overview

    Receiver Joins PIM-SM Shared Tree

    Registered to RP

    PIM-SM SPT Switchover

Multicast Routing Table

Basic SSM Concepts

    SSM Scenario

Bidirectional PIM

    PIM Modifications for Bidirectional Operation

        DF Election

        DF Election Messages

    Case Study 2: DF Election

Summary

Review Questions

Chapter 21 Rendezvous Point Distribution Solutions

Rendezvous Point Discovery

    Rendezvous Placement

    Auto-RP

        Auto-RP Candidate RPs

        Auto-RP Mapping Agents

        Auto-RP and Other Routers

        Case Study: Auto-RP Operation

        Auto-RP Scope Problem

    PIMv2 BSR

        PIMv2 BSR: Candidate RPs

        PIMv2 BSR: Bootstrap Router

        PIMv2 BSR: All PIMv2 Routers

        BSR Flooding Problem

    IPv6 Embedded Rendezvous Point

Anycast RP Features

Anycast RP Example

MSDP Protocol Overview

    MSDP Neighbor Relationship

    Case Study: MSDP Operation

Summary

Review Questions

Part VII Designing Optimum Enterprise Network Security

Chapter 22 Designing Security Services and Infrastructure Protection

Network Security Zoning

Cisco Modular Network Architecture

Cisco Next-Generation Security

Designing Infrastructure Protection

    Infrastructure Device Access

    Routing Infrastructure

    Device Resiliency and Survivability

    Network Policy Enforcement

    Switching Infrastructure

    SDN Security Considerations

Summary

Review Questions

Chapter 23 Designing Firewall and IPS Solutions

Firewall Architectures

Virtualized Firewalls

Case Study 1: Separation of Application Tiers

    Securing East-West Traffic

Case Study 2: Implementing Firewalls in a Data Center

Case Study 3: Firewall High Availability

IPS Architectures

Case Study 4: Building a Secure Campus Edge Design (Internet and Extranet Connectivity)

    Campus Edge

    Connecting External Partners

        Challenges of Connecting External Partners

        Extranet Topology: Remote LAN Model

        Extranet Topology: Interconnect Model

        Extranet: Security and Multitenant Segmentation

Summary

Review Questions

Chapter 24 IP Multicast Security

Multicast Security Challenges

Problems in the Multicast Network

Multicast Network Security Considerations

    Network Element Security

    Security at the Network Edge

        Securing Auto-RP and BSR

        MSDP Security

    PIM and Internal Multicast Security

        Multicast Sender Control

        Multicast Receiver Controls

        Multicast Admission Controls

Summary

Review Questions

Chapter 25 Designing Network Access Control Solutions

IEEE 802.1X Overview

Extensible Authentication Protocol

802.1X Supplicants

IEEE 802.1X Phased Deployment

Cisco TrustSec

    Profiling Service

    Security Group Tag

Case Study: Authorization Options

Summary

Review Questions

Part VIII Design Scenarios

Chapter 26 Design Case Studies

Case Study 1: Design Enterprise Connectivity

    Detailed Requirements and Expectations

    Design Analysis and Task List

    Selecting a Replacement Routing Protocol

    Designing for the New Routing Protocol

    OSPF Design Optimization

    Planning and Designing the Migration from the Old to the New Routing

    Scaling the Design

Case Study 2: Design Enterprise BGP Network with Internet Connectivity

    Detailed Requirements and Expectations

    Design Analysis and Task List

    Choosing the Routing Protocol

    Choosing the Autonomous System Numbers

    BGP Connectivity

        BGP Sessions

        BGP Communities

    Routing Policy

        Routing Policy in North American Sites

        Routing Policy in European and Asian Sites

    Internet Routing

        Public IP Space Selection

        Main HQ Multihoming

        Default Routing

Case Study 3: Design Enterprise IPv6 Network

    Detailed Requirements and Expectations

    Design Analysis and Task List

    Choosing the IP Address Type for the HQ

    Connecting the Branch Sites

    Deployment Model

    Addressing

        Address Provisioning

    Communication Between Branches

    Application and Service Migration

Case Study 4: Design Enterprise Data Center Connectivity

    Detailed Requirements and Expectations

    Design Analysis and Task List

    Selecting the Data Center Architecture and Connectivity Model

    DCN Detailed Connectivity

    Connecting Network Appliances

    Data Center Interconnect

    Data Center Network Virtualization Design

Case Study 5: Design Resilient Enterprise WAN

    Detailed Requirements and Expectations

    Design Analysis and Task List

    Selecting WAN Links

    WAN Overlay

Case Study 6: Design Secure Enterprise Network

    Detailed Requirements and Expectations

    Security Domains and Zone Design

    Infrastructure and Network Access Security

    Layer 2 Security Considerations

    Main and Remote Location Firewalling

Case Study 7: Design QoS in the Enterprise Network

    Detailed Requirements and Expectations

    Traffic Discovery and Analysis

    QoS Design Model

    QoS Trust Boundary

    Congestion Management

    Scavenger Traffic Considerations

    MPLS WAN DiffServ Tunneling

Appendix A Answers to Review Questions

Appendix B References

 

9781587144622    TOC   11/28/2016

 

From the B&N Reads Blog

Customer Reviews