| Course Description |
| In SWITCH, you will learn to plan, configure, and verify the implementation of complex enterprise switching solutions for campus environments using the Cisco Enterprise Campus Architecture. This course is a component of the Cisco CCNP Routing and Switching curriculum, a professional-level certification, and it is designed to give you a firm understanding of how to manage switches in an enterprise campus environment. Hands-on labs reinforce what you learn. |
| Course Objective |
| Candidates will learn: |
 | Analyze campus network designs | | Implement VLANs in a network campus | | Implement spanning tree | | Implement inter-VLAN routing in a campus network | | Implement a highly available network | | Implement high-availability technologies and techniques using multilayer switches in a campus environment | | Implement security features in a switched network | | Integrate WLANs into a campus network | | Accommodate voice and video in campus networks | |
| Duration |
| 5 days |
| Target Audience |
| Network engineers with at least one year of professional work experience who are ready to advance their skills and work independently on complex network solutions | | Network professionals, including network engineers, network operations center (NOC) technical support personnel, or help desk technicians, who will need to correctly implement switch-based solutions given a network design using Cisco IOS services and features | | Any individual involved in network operations and support | |
| Pre-requisites |
| CCNA certification or familiarity with internetworking technologies and the ability to perform basic configuration of Cisco routers, including practical experience installing, operating, and maintaining Cisco routers and switches in an enterprise environment | | Knowledge of IP, including the ability to perform IP subnetting on non-octal boundaries, configure IP standard and extended access lists, operate and configure distance vector routing protocol, configure serial interface, and interpret a Cisco routing table | |
| Course Outline |
| 1. Analyzing Campus Network Designs |
| Cisco SONA |
| Benefits of the enterprise campus architecture | | Function of the core layer | | Impact of traffic types on the network infrastructure | | Cisco Lifecycle Services and Network Implementation | | The PPDIOO lifecycle approach | | PPDIOO implementation planning | |
| 2. Implementing VLANs in Campus Networks |
| Applying Best Practices for VLAN Topologies |
| VLAN segmentation models | | Given an enterprise VLAN network design, information needed to create an implementation plan, choices that need to be made, and the consequences of those choices | | Given an enterprise VLAN network design that contains end-to-end VLANs and trunks, create an implementation and verification plan then successfully execute that plan | | Given an enterprise VLAN network design that contains VTP, create an implementation and verification plan then successfully execute that plan | |
| Configuring Private VLANs (PVLANs) |
| Applying Best Practices for VLAN Topologies | | VLAN segmentation models | | Given an enterprise VLAN network design, information needed to create an implementation plan, choices that need to be made, and the consequences of those choices | | Given an enterprise VLAN network design that contains end-to-end VLANs and trunks, create an implementation and verification plan then successfully execute that plan | | Given an enterprise VLAN network design that contains VTP, create an implementation and verification plan then successfully execute that plan | |
| Configuring Link Aggregation with EtherChannel |
| Applying Best Practices for VLAN Topologies | | VLAN segmentation models | | Given an enterprise VLAN network design, information needed to create an implementation plan, choices that need to be made, and the consequences of those choices | | Given an enterprise VLAN network design that contains end-to-end VLANs and trunks, create an implementation and verification plan then successfully execute that plan | | Given an enterprise VLAN network design that contains VTP, create an implementation and verification plan then successfully execute that plan | |
| 3. Implementing Spanning Tree |
| Spanning Tree Protocol (STP) Enhancements | | Spanning Tree Protocol (STP) Enhancements | | STP standards | | STP operations | | Implement and configure PVRST+ | | RSTP port roles | | Verify RSTP configurations | | MSTP | | Implement and configure MSTP | | | | | STP Stability Mechanisms | | Protect the operation of STP | | Configure BPDUGuard | | Configure BPDUFilter | | Configure RootGuard | | Configure LoopGuard | | Configure UDLD to detect and shut down unidirectional links | | Optimize STP operations by using the right combination of STP stability features | | | |
| 4. Implementing Inter-VLAN Routing |
| Routing Between VLANs |
| Configure and verify inter-VLAN routing in a Layer 2 topology using an external router, a switch SVI, or a switch-routed interface | | Configure both a switch and router to accommodate inter-VLAN packet transfer using an external router | | Layer 3 SVI | | Commands that are used to configure an SVI | | A routed port on a multilayer switch | | Commands that are used to configure a routed port on a multilayer switch | | Configure Layer 3 EtherChannel links | | Configure inter-VLAN routing on a multilayer switch | | Configure DHCP services on a Layer 3 switch | |
| Deploying Multilayer Switching with Cisco Express Forwarding |
| Configure and verify inter-VLAN routing in a Layer 2 topology using multilayer switching with Cisco Express Forwarding | | Process of multilayer switching and how it differs when you are performing Layer 2 vs. Layer 3 switching | | Packet and frame header rewriting performed by a multilayer switch | | Layer 3 switch processing | | Switching methods available on a Cisco switch | | Configure Cisco Express Forwarding on a Cisco switch | |
| 5. Implementing a Highly Available Network |
| Configuring Layer 3 Redundancy with HSRP | | High Availability | | Evaluate the uses, requirements, benefits, and performance expectations of high availability in a given enterprise network design | | Resiliency for high availability | | Design the network for optimal redundancy | | | | | Implementing High Availability | | Implement high availability at the switch level | | Use Cisco StackWise technology on access switches | | Evaluate the impact of too little redundancy | | Assess the impact of uplink failure | | | | Implementing Network Monitoring | | Implement network monitoring | | Configure IP SLA technology | | | | | |
| 6. Implementing Layer 3 High Availability |
| Configuring Layer 3 Redundancy with HSRP | | Routing issues | | Router redundancy process | | Configure HSRP operations | | Fine-tune HSRP | | Troubleshoot HSRP | | | | | Configuring Layer 3 Redundancy with VRRP and GLBP | | VRRP | | VRRP operations process | | Configure VRRP | | GLBP | | GLBP operations process | | Configure GLBP | | | |
| 7. Minimizing Service Loss and Data Theft in a Campus Network |
| Planning for Support of Voice in a Campus Network | | Components of a VoIP network and the components of IP telephony | | Uniform bandwidth consumption of voice traffic vs. the intermittent bandwidth consumption of data traffic | | Compare video bandwidth consumption to voice and data bandwidth consumption based on video application types | | Solution for latency, jitter, bandwidth, packet loss, reliability, and security for voice and video traffic integration into a data network | | | | | Integrating and Verifying VoIP in a Campus Infrastructure | | Plan for VoIP requirements | | Voice VLANs | | Configure and Verify Voice VLANs | | Plan PoE requirements and configure PoE | | Provide additional services required by VoIP devices | | Create a Test Plan for VoIP integration | | | | | | | Working with Specialists to Accommodate Voice and Video on Campus Switches | | High availability applied to VoIP or video traffic | | Build an integrated voice/video/data campus network | | The need for QoS for VoIP and video integration | | | | Protecting Against VLAN Attacks | | How VLAN hopping occurs and why it is a security vulnerability | | Procedure for configuring a switch to mitigate VLAN hopping attacks | | VACLs and their purpose as part of VLAN security | | Procedure for configuring VACLs | | | | Protecting Against Spoofing Attacks | | DHCP spoofing attacks | | Prevent attacks using DHCP snooping | | Configure DHCP snooping | | ARP poisoning | | Protect against ARP spoofing attacks with DAI | | | | | | Switch Security Issues | | Switch and Layer 2 security as a subset of an overall network security plan | | How a rogue device gains unauthorized access to a network | | Categorize switch attack types and list mitigation options | | How a MAC flooding attack works to overflow a CAM Campus Backbone Layer table | | How port security is used to block input from devices based on Layer 2 restrictions | | Procedure for configuring port security on a switch | | Methods that can be used for authentication using AAA | | Port-based authentication using 802.1X | | | | Securing Network Services | | Cisco Discovery Protocol and LLDP vulnerabilities | | Telnet protocol vulnerabilities | | Configure SSH | | Configure vty ACLs | | Configure Cisco IOS secure HTTP server | | Switch security considerations | | | | |
| 8. Accommodating Voice and Video in Campus Networks |
| Configure basic QoS for voice and video VLANs | |
9. Integrating Wireless LANs into a Campus Network |
| Comparing WLANs with Campus Networks | | WLANs | | Compare wired and wireless LAN | | Main wireless LAN topologies | | Settings specific to WLANs, such as SSIDs, and WLAN-to-VLAN mapping | | Provide additional services required by VoIP devices | | Create a Test Plan for VoIP integration | | | | | Preparing the Campus Infrastructure for WLANs | | Best placement for APs and controllers | | Configure switches for WLAN devices | | Gather WLAN requirements | | Plan WLAN integration | | Create a test plan | | | | Assessing the Impact of WLANs on Campus Networks | | WLAN implementations | | Compare WLAN solutions | | Assess traffic flow in an autonomous AP configuration and its impact on the campus LAN | | Assess traffic flow in an controller-based configuration and its impact on the campus LAN | | | | |
