Short description of the ARCH course (ARCH version 3.0)
This course provides information on the development of network design taking into account the high requirements for individual services - e-commerce, security systems, networks of operators and hosting providers. The course includes information on optimizing network topologies, developing network design in terms of subsequent scaling, the optimal operation of individual services, as well as information necessary for working and solving tasks at the level of a network architect.
We deepen the material of our courses, adding practical work, replacing demonstrations with laboratory work, and discussing additional topics - which is why our ARCH 3.0 course is better for exam preparation than the standard “minimalistic” authorized ARCH.
Needed for status architect responsibilities
CCDP Certification - Cisco Certified Design Professional
Prepares for certification exams
Cost of participation in the ARCH 3.0 course
Participation is free - you only need to register and do not forget to confirm the registration.
Membership restriction
This course can participate only holders active on the start date of the event subscription the Knowledge Assurance coverage.
Course Program ARCH 3.0
Module 1 - Corporate Networks with High Resiliency Requirements
Routing architecture using the protocol the EIGRP . Acceleration of convergence, the creation of several AS, two-and three-level EIGRP hierarchy. Suboptimal routing and scaling hub-and-spoke. What are choke point and black hole. Scaling in the case of DMVPN.
OSPF routing architecture . Regions and ABR. Hierarchical regions in OSPF and tunnels. Summarization LSA 3/5. Full Mesh / Hub-and-Spoke design and ABR layout. Types of networks and optimization of peering routers. BFD states and their processing. Reduced overhead and flood reduction.
Routing architecture using the IS-IS protocol . L1 / L2 regions. Routing logic and route leaking processing. Symmetric and asymmetric routing between IS-IS regions. LSDB Sync. LSP Flooding Engine. Limitations and important subtleties of planning IS-IS topology.
Module 2 - BGP Architecture in a Corporate Network
Scaling IBGP interaction. Confederations and route reflectors. Using split horizon. Clustering and cluster-list. The hierarchy of route reflectors.
BGP Communities - why and how to use.
Balancing traffic to ISP using BGP. Scenarios with one connection, two connections to one provider, multiple connections to several providers.
Module 3 - Considering WAN Connection Requirements in Enterprise Network Design
VPN channels provided as an operator service. L3 MPLS VPN. Why do we need route distinguisher'y and route target'y. Using EIGRP, OSPF, BGP protocols for Provider edge <-> Customer edge communication. VPWS and VPLS.
VPN channels supported by the enterprise. IPsec with VTI and Dynamic VTI, GETVPN and DMVPN, regular and mGRE, SSL VPN and FlexVPN.
WAN topologies and reliability issues. Typical MPLS WAN and VPN models. Using 3G / 4G as backup channels. What are IWAN and Cisco PfR. The subtleties of design and customization.
Campus Edge segment topology and Remote LAN and Interconnect models. Secure connection of external partners to the extranet segment, with segmentation and multitenant accounting.
SDN and Software Defined Networking Security Issues. Cisco ONE: APIC-EM.
Module 4 - Network Design in an Enterprise Data Center
The network of the data center is a two- and three-level architecture. End of Row and Top of Rack. Why do we need fabric extenders.
Isolation of client networks using VRF-Lite and VDC. Microsegmentation with overlay networks.
Geoclusters and DCI. AToM and GRE . Overlay Transport Virtualization DCI.
Traffic in the data center and optimization of its processing.
SDN and APIC-DC. Cisco ACI Fabric EPG - End-point Groups and setting up Policy contracts. How Application Network Profile Discovery Works
Module 5 - Designing an Enterprise Security Services Architecture
Network separation into security zones (NGF).
Protection of infrastructure devices, control and monitoring systems, key routing and switching nodes.
Firewalls and IPS solutions. Network Access Control - 802.1X and Cisco TrustSec
Module 6 - QoS Architecture and User Experience Management
IntServ and DiffServ models. L2 / L3 Marking - with 802.1Q /802.1p, ToS and DSCP. L7 classification with NBAR / NBAR2. Work policier / shaper. How the token bucket logic model works in different scenarios. Queues are physical tx-ring, logical FQ, CBWFQ, LLQ, WRED and IP / TCP ECN redundant traffic control mechanisms.
QoS models. RFC 4594, 4-8-12-class strategies. Classification + labeling, priority and dumping of excess traffic.
QoS on the campus segment of the enterprise network. Recommendations for working with various types of traffic. Bursts and traffic buffering planning.
QoS in the enterprise data center. Topology examples for High Performance Trading, BigData, and shared hosting. Data Center Bridging Toolset.
QoS for WAN connections. Accounting for the performance of equipment along the entire route of the passage of traffic. Latency and jitter management.
QoS for MPLS VPN. QoS management in complex MPLS topologies. Label tunneling options with DiffServ.
QoS for IPsec VPN. What is IPsec Refresher. MTU management. Subtleties in the variant DMVPN and GETVPN.
Module 7 - Implementing IPv6
Phased transition and implementation of IPv6. First steps. Variants of scenarios with support from the operator or without it. IPv6 Islands. NAT64 and DNS 64. Tunnels. DS-Lite and LISP.
Application Compatibility Issues. Security Considerations for IPv6 Implementation.
NBAR Architecture
IP SLA Design
Module 8 - Design of Multicast Services on a Network (Triple Play / IPTV)
Overview of IP multicast. Protocols and logic distribution trees.
PIM-SM and additions to the PIM protocol. Source Specific Multicast.
The choice of RP. Running Bootstrap Router and MSDP .
Multicast traffic management security.
This course provides information on the development of network design taking into account the high requirements for individual services - e-commerce, security systems, networks of operators and hosting providers. The course includes information on optimizing network topologies, developing network design in terms of subsequent scaling, the optimal operation of individual services, as well as information necessary for working and solving tasks at the level of a network architect.
We deepen the material of our courses, adding practical work, replacing demonstrations with laboratory work, and discussing additional topics - which is why our ARCH 3.0 course is better for exam preparation than the standard “minimalistic” authorized ARCH.
Needed for status architect responsibilities
CCDP Certification - Cisco Certified Design Professional
Prepares for certification exams
Cost of participation in the ARCH 3.0 course
Participation is free - you only need to register and do not forget to confirm the registration.
Membership restriction
This course can participate only holders active on the start date of the event subscription the Knowledge Assurance coverage.
Course Program ARCH 3.0
Module 1 - Corporate Networks with High Resiliency Requirements
Routing architecture using the protocol the EIGRP . Acceleration of convergence, the creation of several AS, two-and three-level EIGRP hierarchy. Suboptimal routing and scaling hub-and-spoke. What are choke point and black hole. Scaling in the case of DMVPN.
OSPF routing architecture . Regions and ABR. Hierarchical regions in OSPF and tunnels. Summarization LSA 3/5. Full Mesh / Hub-and-Spoke design and ABR layout. Types of networks and optimization of peering routers. BFD states and their processing. Reduced overhead and flood reduction.
Routing architecture using the IS-IS protocol . L1 / L2 regions. Routing logic and route leaking processing. Symmetric and asymmetric routing between IS-IS regions. LSDB Sync. LSP Flooding Engine. Limitations and important subtleties of planning IS-IS topology.
Module 2 - BGP Architecture in a Corporate Network
Scaling IBGP interaction. Confederations and route reflectors. Using split horizon. Clustering and cluster-list. The hierarchy of route reflectors.
BGP Communities - why and how to use.
Balancing traffic to ISP using BGP. Scenarios with one connection, two connections to one provider, multiple connections to several providers.
Module 3 - Considering WAN Connection Requirements in Enterprise Network Design
VPN channels provided as an operator service. L3 MPLS VPN. Why do we need route distinguisher'y and route target'y. Using EIGRP, OSPF, BGP protocols for Provider edge <-> Customer edge communication. VPWS and VPLS.
VPN channels supported by the enterprise. IPsec with VTI and Dynamic VTI, GETVPN and DMVPN, regular and mGRE, SSL VPN and FlexVPN.
WAN topologies and reliability issues. Typical MPLS WAN and VPN models. Using 3G / 4G as backup channels. What are IWAN and Cisco PfR. The subtleties of design and customization.
Campus Edge segment topology and Remote LAN and Interconnect models. Secure connection of external partners to the extranet segment, with segmentation and multitenant accounting.
SDN and Software Defined Networking Security Issues. Cisco ONE: APIC-EM.
Module 4 - Network Design in an Enterprise Data Center
The network of the data center is a two- and three-level architecture. End of Row and Top of Rack. Why do we need fabric extenders.
Isolation of client networks using VRF-Lite and VDC. Microsegmentation with overlay networks.
Geoclusters and DCI. AToM and GRE . Overlay Transport Virtualization DCI.
Traffic in the data center and optimization of its processing.
SDN and APIC-DC. Cisco ACI Fabric EPG - End-point Groups and setting up Policy contracts. How Application Network Profile Discovery Works
Module 5 - Designing an Enterprise Security Services Architecture
Network separation into security zones (NGF).
Protection of infrastructure devices, control and monitoring systems, key routing and switching nodes.
Firewalls and IPS solutions. Network Access Control - 802.1X and Cisco TrustSec
Module 6 - QoS Architecture and User Experience Management
IntServ and DiffServ models. L2 / L3 Marking - with 802.1Q /802.1p, ToS and DSCP. L7 classification with NBAR / NBAR2. Work policier / shaper. How the token bucket logic model works in different scenarios. Queues are physical tx-ring, logical FQ, CBWFQ, LLQ, WRED and IP / TCP ECN redundant traffic control mechanisms.
QoS models. RFC 4594, 4-8-12-class strategies. Classification + labeling, priority and dumping of excess traffic.
QoS on the campus segment of the enterprise network. Recommendations for working with various types of traffic. Bursts and traffic buffering planning.
QoS in the enterprise data center. Topology examples for High Performance Trading, BigData, and shared hosting. Data Center Bridging Toolset.
QoS for WAN connections. Accounting for the performance of equipment along the entire route of the passage of traffic. Latency and jitter management.
QoS for MPLS VPN. QoS management in complex MPLS topologies. Label tunneling options with DiffServ.
QoS for IPsec VPN. What is IPsec Refresher. MTU management. Subtleties in the variant DMVPN and GETVPN.
Module 7 - Implementing IPv6
Phased transition and implementation of IPv6. First steps. Variants of scenarios with support from the operator or without it. IPv6 Islands. NAT64 and DNS 64. Tunnels. DS-Lite and LISP.
Application Compatibility Issues. Security Considerations for IPv6 Implementation.
NBAR Architecture
IP SLA Design
Module 8 - Design of Multicast Services on a Network (Triple Play / IPTV)
Overview of IP multicast. Protocols and logic distribution trees.
PIM-SM and additions to the PIM protocol. Source Specific Multicast.
The choice of RP. Running Bootstrap Router and MSDP .
Multicast traffic management security.
