Total 18 Blogs

Created by - Orhan Ergun

What are New in Cisco CCDE v3 Exam?

Currently, in 2022, the CCDE exam version is version 3. There are many new changes in CCDE v3 compared to CCDE v2 and in this blog post, some are the new changes will be explained, also for the things that stay the same will be highlighted as well. Also, I will share my takes in the post about these changes. Before starting the technical changes, let's start with the exam result announcement change. CCDE v2 exam has been announced in 8-12 weeks. This was effectively allowing CCDE exam candidates to schedule the exam two times maximum in a year. Students wouldn't schedule the exam if they fail because the announcement date and new exam date were usually overlapping. This changed anymore. With CCDE v3, exam results are announced in 48 hours. It is almost like CCIE exams. The CCDEv3 Practical Exam will be in the Cisco CCIE Lab locations anymore CCDE v2 Lab/Practical exam was done in Professional Pearson Vue Centers. There were 300 of them and done in many different countries. Unfortunately, this change may not be good for many exam takers as Cisco CCIE Lab locations are not available in many countries and are not as common as Pearson Vue Centers. CCDE v3 exam Scheduling is done via the CCIE/CCDE portal • Registration opens 90 days before the exam date   CCDE v3 exam will be done every year, six CCDE exams are expected. (Previously with CCDE v2 it was 4, even sometimes 3) CCDEv2 exam was done every 3 months, usually 4 times a year. If you fail the exam, because of the exam result policy, you couldn't attend the next one but maybe the one after. So, effectively it was two times a year. Because the CCDEv3 exam will be announced in 48 hours and 6 times a year, if you fail the exam, you can attend the next one, because there will be enough time to schedule the next exam, find a hotel, flight ticket, etc, if travel is necessary. So, making the exam more frequently would increase its popularity of the exam, so I consider it a good move as well. Introduction of Core and Area of Expertise modules in Cisco CCDEv3 exam For many years, we have been hearing from many students about whether there will be Datacenter or Service Provider, Collaboration or Security expertise, etc. Cisco came up with this anymore. There will be 3 different Area of Expertise you can choose any of them and one of the practical scenarios will be based on your selection. Similar to CCDEv2, in CCDEv3 we will have in total of 4 scenarios and a total of 8 hours for all the scenarios. Each scenario will be limited to 2 hours maximum and even if you finish one of the scenarios faster than 2 hours, the remaining time won't be added to the next scenario. 3 scenarios will be named Core Module and 1 scenario will be the Area Of Expertise scenario. The core module covers technologies all candidates must know It comes with the Enterprise technologies (no Data Center/Service Provider) • Core module is vendor-agnostic The area of Expertise module covers specific technology areas: • More detailed knowledge expected • Cisco-specific technologies may appear in the Area of Expertise module CCDE v3 Area of Expertise Modules Area of Expertise options: Large-Scale Networks On-prem and Cloud Services Workforce Mobility You can select any of the above Area of Expertise and you will have 2 hours in the CCDEv3 exam, and around 15-25 questions in the scenario. For now, this is enough, for the other changes and CCDEv3-related content, please check the other posts and our free and paid courses.

Published - Mon, 23 May 2022

Created by - Orhan Ergun

CCIE vs CCDE What's the difference?

CCIE vs CCDE is probably one of the most frequently asked questions by networking experts. To get more information on CCDE contents and syllabus, you can check my Instructor Led CCDE or Self Paced CCDE course webpages. How many times have you asked yourself or discussed this topic with your friends? Many times, right? CCIE vs CCDE I have CCIE routing switching and/or service provider, should I continue to design certificates such as CCDE or should I study for another expert-level certification, perhaps virtualization certification? To illustrate my answer, let me give you an example. Consider that you would build Greenfield network. (Usually, it is the same for Brownfield as well). First, you need to understand the business, how many locations it has, where it is located, where is HQ or HQs, Datacenter, POP locations, and so on. After that, you try to understand how the business can assist its consumers. It can be retail, airport, stadium, or service provider network. All these businesses have similar and different requirements, For example, stadium architecture requires you to have ticketing systems, access control systems and streaming the game, all of which are connected to the network. So, you need to understand the business requirements, how they want their revenue to appear, and how their systems interact with one another. Then, you will provide the business with an architecture to support its requirements. You may need to enable QoS or Multicast for that application, as an example. Architecture refers to the process of gathering, analyzing, and clarifying business requirements. Without Architecture, a Design Is Just a Guess The designer needs to understand the business objectives and high-level functional specifications. In the retail store example, store sales information may be updated with some central locations such as Datacenter for the purpose of analyzing data only, and high availability requirements of the store may not have much priority. Now, let me give an example that shows that it is pertinent that you understand why a design is important and why it requires different strategies. A Business has 1000 sites connected to two data centers. (Technically, we call it Hub and Spoke). It plans to open 1000 additional sites within 2 years. The business wants to operate its WAN network. While its data is highly classified, the business carries a small amount of data between remote sites and data centers. The business can tolerate up to half an hour of downtime. Since the enterprise has many remote sites, it wants to reduce the cost of devices in remote offices. Ideally, the enterprise wants to operate those sites using small resources on its devices. And since there are many sites, it wants the most cost-effective WAN solution. As you must have observed, I did not mention anything technical so far. All these requirements can be received from the business leader, perhaps the CIO or CTO of the company. Let me translate these business requirements and the structure of the technical terms. The company has many sites, and it needs a scalable design. The available requirements are not tight. The business’s network physically fits Hub and Spoke (Star) topology. So far, the MPLS L3 VPN service from the provider seems suitable for its requirements. Let’s continue. The business wants to operate its WAN network. Now, we have eliminated the MPLS L3VPN option. If you get l3 VPN from the provider, you can have the multi-point-to multi-point capability; however, you may lose your control. This is because you are transferring SLA and risks to the service provider even though you depend on their performance and control. After understanding the architecture and business requirements, translating those requirements to the technical solutions is the design. You can come up with many valid design alternatives. But you should always proffer the simplest solution. The business believes that its data is highly confidential, so we need to encrypt its data. Based on the business requirements, IPSEC over DMVPN would be a valid design. DMVPN can be set up over leased lines, virtual leased lines, Internet, and so on. Since its availability requirement is not tight and the business wants the most cost-effective design, IPSEC over DMVPN over the Internet is suitable. The equipment choice is important, but not necessarily, from the design point of view. The CCDE task is generally a CCDA engineer’s job. If you are lucky, you can tell your boss that it is not your job Which routing protocol would you choose? More importantly, do not forget that they have two data centers. Architecture understood the applications and the systems, all of which the business needs. The business also needs the interactions those systems have with each other at the conceptual level. The designer will translate those requirements to technical requirements. After that, the designer will find the best technologies for these requirements. CCIE as an operational task will translate these technical requirements and technologies to low-level configuration state. The designer doesn’t configure NHRP, IPSEC Crypto, Routing Protocols, Redistribution, Area Assignment, and so on. CCIE does not necessarily need to know if EIGRP or OSPF would be a better option for the business. However, CCIE needs to know how links can be assigned to the OSPF Areas, how EIGRP Stub is configured, and so on.   You can watch my youtube video on CCIE vs CCDE discussion below. Don’t forget to subscribe to channel to follow my all updates.   [embed]https://youtu.be/6ZMIjM0EVQU[/embed]     What would be your design for the above business requirements? To have a great understanding of SP Networks, you can check my new published “Service Provider Networks Design and Perspective” Book.

Published - Wed, 09 Feb 2022

Created by - Orhan Ergun

CCIE Enterprise Infrastructure Training

CCIE Enterprise Infrastructure Training by Orhan Ergun. As Orhan Ergun, I always aim to provide best training in the world. I started recently CCIE Enterprise Infrastructure training. In this post you will see why you should get this training, why you should get it from Orhan Ergun, what are the requirement to attend , what are the unique benefits, training outline and many other details.   CCIE Enterprise Infrastructure Training v1.0   New CCIE Enterprise Infrastructure training will prepare you for the new solutions of enterprise networks in today’s networking era. This Training is more oriented on the basis of new and latest solutions instead of the legacy network technologies.   Benefits of Orhan Ergun CCIE Enterprise Infrastructure Training:  20 days – 10 Weekends – 2 and half months (80 hours, 4 hours each day, on weekends) training CCIE IE Workbook and Classroom materials (More than five thousand (5000) pages) It will be live training but self paced training will be provided when it is completed for free to the attendees Attendees will receive all the session recordings All the students are placed in a study group, 100s of people collobarate Students talk immediately with Orhan Ergun for the mentorship! When you want to attend CCDE Training, extra 20% discount   Why CCIE Enterprise Infrastructure Training from Orhan Ergun?There are unique reasons why you should get this training from Orhan Ergun 30% of the exam is design and Orhan Ergun has been teaching network design since many years and 100+ people passed even CCDE Practical exam with him In this training, We will help to demonstrate over 100 Labs to the students for better understanding the technologies and the passing the exam Study group and one to one mentorship for each student , similar to what Orhan has been doing for his CCDE students for many years Workbooks , thousands of pages study materials , definitely will be much more than any of his competitor in the world Self Paced study videos Investment Protection – When you want to attend any of our other trainings such as CCIE SP , CCDE, Segment Routing etc, you will receive extra 30% discount over the course cost   What is the target audience for CCIE Enterprise Infrastructure Training?   The primary audience for this course is network engineers that need be able to use an expert-level problem-solving process that includes options analysis to support complex network technologies and topologies. The secondary audience is network designers that design and support complex network technologies and topologies   Prerequisites for CCIE Enterprise Infrastructure Training:There are no formal prerequisites for CCIE Enterprise Infrastructure training, but you should have a thorough understanding of the exam topics before taking the exam. CCNP Level knowledge is enough to attend this training. For More info [email protected] Please contact with [email protected] for group or corporate trainings and any other non-technical topics.   CCIE Enterprise Infrastructure Training Outline:   Layer2 Protocols   Layer 2 Protocols VLAN Technologies EtherChannel Spanning-Tree Protocol Switch Administration Layer 3 Protocols IPv6 2.1a IPv6 Basics 2.1b IPv6 Addressing 2.1c IPv6 Address Assingment 2.1d IPv6 Tunneling 2.1e IPv6 Packet Types EIGRP / EIGRPv6 2.2a Adjacency 2.2b Best Path Selection 2.2c EIGRP Load Balancing 2.2d EIGRP Optimization & Features OSPF / OSPFv3 2.3a Adjacency 2.3b Network Types & Area Types 2.3c Path Preference 2.3d OSPF Opmization & Features 2.3e OSPF Operations BGP 2.4a iBGP & eBGP Relationship 2.4b BGP Path Selection 2.4c BGP Path Attributes 2.4d BGP Communities 2.4e BGP Optmizations 2.4f BGP Features Layer 3 Features 2.5a VRF 2.5b VRF-LITE 2.5c Policy Based Routing 2.5d Biderectional Forwarding Detection   Multicast Layer 2 Multicast 3.1a IGMPv2 and IGMPv3 3.1b IGMP Snooping, PIM Snooping 3.1c IGMP  Querier 3.1d MLD Layer 3 Multicast 3.2a Sparse Mode 3.2b RP Configurations 3.2c Bidirectional PIM 3.2d SSM 3.2e PIMv6 Anycast RP 3.2f MSDP Transport Technologies and the Solutions MPLS MPLS Basics MPLS Operations MPLS L3 VPN 1.3a PE-CE Routing 1.3b MP-BGP 1.3c VPNv4 / VPNv6 1.3d VRF Route Leaking VPN GRE VPN Introduction to IPSEC Protocol GRE Over IPSEC VPN MGRE Over IPSEC VPN DMVPN 2.5a NHRP 2.5b DMVPN Phase 1 2.5c DMVPN Phase 2 (EIGRP & OSPF) 2.5d DMVPN Phase 3 (EIGRP & OSPF) 2.5e DMVPN Phase 3 with Dual Hub 2.5f Troubleshooting DMVPN IKEv2 VPN 2.6a Introduction to IKEv2 2.6b IKEv2 Configuration with Pre-Shared Key Flex VPN 2.7a introduction to Flex VPN 2.7b Flex VPN Configuration 2.7c MPLS Over Flex VPN Infrastructure Security and the Services Device Security on Cisco IOS AAA Control Plane Policing Switch Security Router Security IPv6 Security IEEE 802.1x Port Based Authentication Quality of Service Layer 3 QoS using MQC 2.1a CoS and DSCP Mapping 2.1b Classification 2.1c Marking 2.1d NBAR 2.1e Policing & Shaping 2.1f Congestion Management and Avoidance Network Services First Hop Redundancy Protocol 3.1a HSRP 3.1b GLBP 3.1c VRRP 3.1d IPv6 Redundancy NTP DHCP on Cisco IOS 3.3a DHCP Options 3.3b SLAAC/DHCPv6 3.3c Stateful, Stateless DHCPv6 IPv4 Network Address Translation 3.4a Static NAT/PAT 3.4b Dynamic NAT 3.4c Policy Based NAT 3.4d VRF-Aware NAT Network Services and the Operations IP SLA Netflow Traffic Capture IOS-XE Troubleshooting Software Defined Infrastructure Cisco SD-Access Design a Cisco SD-Access 1.1a Introduction to Campus Network Fabric 1.1b Underlay and Overlay Network 1.1c Fabric Domains Cisco SD-Access Deployment 1.2a Cisco DNA Center device discovery 1.2b Cisco DNA Center device management 1.2c Host Onboarding (Wired endpoint only) 1.2d Fabric Border Handoff Segmentation 1.3a Macro-level Segmentation using VNs 1.3b Introduction to Cisco ISE for SD-Access 1.3c Cisco DNA Center and ISE Integration 1.3d Micro-level Segmentation using Cisco ISE Assurance 1.4a Network and Client Health 360 1.4b Monitoring and Troubleshooting Cisco SD-WAN Design a Cisco SD-WAN 2.1a Introduction to Cisco SD-WAN Solutions 2.2b Control Plane 2.2c Management Plane 2.2d Orchestration Plane 2.2e Data Plane WAN Edge Deployment 2.2a Onbording New Edge Router 2.2b Orchestration with zero-touch provisioning 2.2c Plug-and-Play 2.2d OMP 2.2e TLOC Configuration Templates Localized Policies Centralized Policies LABS (70+ Labs will be covered) Lab-1: Switch Administration Lab-2: Spanning-Tree Protocol Lab-3: EtherChannel Lab-4: IPv6 Addressing Lab-5: IPv6 Tunneling Lab-6: Named EIGRP Configuration Lab-7: EIGRP Load Balancing Lab-8: EIGRP Optmization and Summarization Lab-9: EIGRPv6 Configuration Lab-10: OSPF Configuration Lab Lab-11: OSPF Area Types Lab Lab-12: OSPF Optmization, Features and Summarization Lab-13: OSPFv3 Configuration Lab-14: iBGP and eBGP Peering Lab-15: Weight and Local Prefrence Attribute Lab16: AS-Path and Origin Code Attribute Lab-17: MED Attribute Lab-18: BGP Route Filtering, Conditional Advertisement Lab-19: Standard and Extended Community Lab-20: Local-AS, Allowas-in, remove-private-as Lab-21: BGP Prefix Aggregation Lab-22: VRF, VRF-Lite Configuration Lab-23: BFD and Policy Based Routing Lab-24: IGMP Snooping & PIM Snooping Configuration Lab-25: MLD Configuration Lab-26: RP Confiugration (Static, Auto-RP & BSR) Lab-27: MSDP Configuration Lab-27: SSM Configuration Lab-28 PIMv6 Anycast RP Lab-30: MPLS L3 VPN Configuration Lab-31: MPLS L3 VPN with BGP RR and Allowas-in/Asoveride Lab-32: MPLS L3 VPN using VPNv6 Address Family Lab-33: MPLS L3 VPN with Extranet (VRF Route Leaking) Lab-34: GRE VPN Lab-35: GRE Over IPSEC Lab-36 MGRE Over IPSEC Lab-37 DMVPN Phase I Lab-38: DMVPN Phase II and Phase III (EIGRP) Lab-39: DMVPN Phase II and Phase III (OSPF) Lab-40: DMVPN Phase III with Dual Hub Lab-41: IKEv2 VPN with Pre-Shared Key Lab-42: Flex VPN Configuration Lab-43: MPLS Over Flex VPN Lab-45: Switch Security/Router Security/Control Plane Policing Lab-46: IPv6 ACL Lab-47: 802.1X Authentication using local database Lab-48: QoS Configuration on Cisco Router – Marking/Classifying Lab-49 NBAR Lab-50 Policing & Shaping Lab-51: HSRP Lab-52 VRRP Lab-53: GLBP Lab-54: IPv6 Redundancy Lab-55: Stateful/Stateless DHCPv6 Lab-56: Static NAT/PAT, Dynamic NAT Lab-57: Dynamic NAT, Policy Based NAT Lab-58: VRF Aware NAT Lab-59: IP SLA, Netflow, Traffic Capture Lab-61: SDA LAN Automation with PnP Lab-62: SDA Configuration Template Lab-63: SDA Identity Policy with ISE Lab-64: SDA Application Policy (Easy QoS) Lab-65: SDA Device Admin Lab-66: SDA Monitoring and Troubleshooting Lab-67 SD-WAN Secure Control Plane Bring Up Lab-68 SD-WAN Data Plane Bring Up Lab-69: SD-WAN Overlay Management Protocol (OMP) Lab-70: SD-WAN vManage Template Lab-71: SD-WAN vSmart Policies Lab-72: SD-WAN vAnalaytic Lab-73: Troubleshooting SD-WAN

Published - Wed, 21 Apr 2021

Created by - Orhan Ergun

What is MTL in CCIE Enterprise Infrastructure Training?

MTL - Multi Technology Lab consist of many technologies in a large topology. When network design is considered, there is no single protocol, many protocols interact with each other. In my CCIE Enterprise Infrastructure Training, I have many MTL (Multi Technology Lab), and students are able to watch the videos, and with the config files, they are able to perform each task in the Lab themselves.   From OSPF, EIGRP to BGP, QoS to Multicast, Layer 2 Technologies to Security, SD-WAN and many other technologies are all in the same lab. Traditionaly these kind of Labs were called as Mock Labs but better term is Multi Technology Lab. If you see on the social media next time one of this labs with OE logo, you know that it is MTL! Let me see your comment :)   You can check the schedule of next CCIE Enterprise Course by clicking here! 

Published - Wed, 21 Apr 2021

Created by - Orhan Ergun

150+ Hours CCIE Enterprise Infrastructure Training/Bootcamp

150+ hours CCIE Enterprise Infrastructure Training/Bootcamp. Can it happen? Yes, in fact my CCIE Enterprise Instructor Led course is over 150 hours, design , theory and lab content.   In the CCIE Enterprise training I go through not only traditional technologies such as OSPF, EIGRP , BGP , MPLS, Multicast, QoS, IPv6 etc. but also there are so many SD-WAN , SD-Access and Network Programmability and Automation content. Probably you have seen some topologies on social media (I use LinkedIn mostly), those topologies consists of many tasks and we cover all of them in the training.   I have two versions of CCIE Enterprise Training.        1.Self Paced CCIE Enterprise Infrastructure Training:   In this training, all the content of CCIE Instructor Led training is covered but as a recorded video format. Participant of Self Paced CCIE Enterprise Training gets not only videos but also Config files/Labs , workbooks, design comparison charts (don't forget there is 3 hours design module in CCIE Enterprise exam), session materials and so on. Self Paced training students are placed in a study group together with the Instructor Led CCIE Enterprise training/bootcamp students.       2. Instructor Led CCIE Enterprise Infrastructure Training:   In this training, I am talking live with the students. Webex or In-person based live training. Instructor Led CCIE Enterprise students get Self Paced version of the course for free. Also, all the advantages of the Self Paced training comes for free with it.   My CCIE Enterprise Bootcamp students get always additional discount when they want to join ay of my trainings. Even if training is already discounted. I call this ' Investment Protection'   You can have questions, you should ask always questions, send them please to [email protected] Do your research very well, ask people on the Internet before you join any training, not only CCIE or CCDE but any training. Already 100s of people are in my CCIE Enterprise Study Group and you can just ask anyone on Internet about it!   Below are some of the topics in this training: 1.1 Layer 2 Protocols 1.2 VLAN Technologies 1.3 EtherChannel 1.4 Spanning-Tree Protocol 1.5 Switch Administration 2.0 Layer 3 Protocols 2.1 IPv6 2.1a IPv6 Basics 2.1b IPv6 Addressing 2.1c IPv6 Address Assingment 2.1d IPv6 Tunneling 2.1e IPv6 Packet Types 2.2 EIGRP / EIGRPv6 2.2a Adjacency 2.2b Best Path Selection 2.2c EIGRP Load Balancing 2.2d EIGRP Optimization & Features 2.3 OSPF / OSPFv3 2.3a Adjacency 2.3b Network Types & Area Types 2.3c Path Preference 2.3d OSPF Opmization & Features 2.3e OSPF Operations 2.4 BGP 2.4a iBGP & eBGP Relationship 2.4b BGP Path Selection 2.4c BGP Path Attributes 2.4d BGP Communities 2.4e BGP Optmizations 2.4f BGP Features 2.5 Layer 3 Features 2.5a VRF 2.5b VRF-LITE 2.5c Policy Based Routing 2.5d Biderectional Forwarding Detection 3.0 Multicast 3.1 Layer 2 Multicast 3.1a IGMPv2 and IGMPv3 3.1b IGMP Snooping, PIM Snooping 3.1c IGMP  Querier 3.1d MLD 3.2 Layer 3 Multicast 3.2a Sparse Mode 3.2b RP Configurations 3.2c Bidirectional PIM 3.2d SSM 3.2e PIMv6 Anycast RP 3.2f MSDP Module 2 - Transport Technologies and Solutions 1.0 MPLS 1.1 MPLS Basics 1.2 MPLS Operations 1.3 MPLS L3 VPN 1.3a PE-CE Routing 1.3b MP-BGP 1.3c VPNv4 / VPNv6 1.3d VRF Route Leaking 2.0 VPN 2.1 GRE VPN 2.2 Introduction to IPSEC Protocol 2.3 GRE Over IPSEC VPN 2.4 MGRE Over IPSEC VPN 2.5 DMVPN 2.5a NHRP 2.5b DMVPN Phase 1 2.5c DMVPN Phase 2 (EIGRP & OSPF) 2.5d DMVPN Phase 3 (EIGRP & OSPF) 2.5e DMVPN Phase 3 with Dual Hub 2.5f Troubleshooting DMVPN 2.6 IKEv2 VPN 2.6a Introduction to IKEv2 2.6b IKEv2 Configuration with Pre-Shared Key 2.7 Flex VPN 2.7a introduction to Flex VPN 2.7b Flex VPN Configuration 2.7c MPLS Over Flex VPN Module 3 - Infrastructure Security and Services 1.0 Device Security on Cisco IOS 1.1 AAA 1.2 Control Plane Policing 1.3 Switch Security 1.4 Router Security 1.5 IPv6 Security 1.6 IEEE 802.1x Port Based Authentication 2.0 Quality of Service 2.1 Layer 3 QoS using MQC 2.1a CoS and DSCP Mapping 2.1b Classification 2.1c Marking 2.1d NBAR 2.1e Policing & Shaping 2.1f Congestion Management and Avoidance 3.0 Network Services 3.1 First Hop Redundancy Protocol 3.1a HSRP 3.1b GLBP 3.1c VRRP 3.1d IPv6 Redundancy 3.2 NTP 3.3 DHCP on Cisco IOS 3.3a DHCP Options 3.3b SLAAC/DHCPv6 3.3c Stateful, Stateless DHCPv6 3.4 IPv4 Network Address Translation 3.4a Static NAT/PAT 3.4b Dynamic NAT 3.4c Policy Based NAT 3.4d VRF-Aware NAT 4.0 Network Services / Operations 4.1 IP SLA 4.2 Netflow 4.3 Traffic Capture 4.4 IOS-XE Troubleshooting Module 4 - Infrastructure Automation and Programmability 1.0 Network Data Encoding Formats, Automation and Scripting 1.1 JSON 1.2 XML 1.3 EEM Applets 1.4 Guest Shell 2.0 Network Programmability 2.1 Interation with vManage API 2.2 Interation with Cisco DNA Center API 2.1 Interation with Cisco IOS XE API 2.1 Deploy and Verify model-driven telemetry Module 5 - Software Defined Infrastructure 1.0 Cisco SD-Access 1.1 Design a Cisco SD-Access 1.1a Introduction to Campus Network Fabric 1.1b Underlay and Overlay Network 1.1c Fabric Domains 1.2 Cisco SD-Access Deployment 1.2a Cisco DNA Center device discovery 1.2b Cisco DNA Center device management 1.2c Host Onboarding (Wired endpoint only) 1.2d Fabric Border Handoff 1.3 Segmentation 1.3a Macro-level Segmentation using VNs 1.3b Introduction to Cisco ISE for SD-Access 1.3c Cisco DNA Center and ISE Integration 1.3d Micro-level Segmentation using Cisco ISE 1.4 Assurance 1.4a Network and Client Health 360 1.4b Monitoring and Troubleshooting 2.0 Cisco SD-WAN 2.1 Design a Cisco SD-WAN 2.1a Introduction to Cisco SD-WAN Solutions 2.2b Control Plane 2.2c Management Plane 2.2d Orchestration Plane 2.2e Data Plane 2.2 WAN Edge Deployment 2.2a Onbording New Edge Router 2.2b Orchestration with zero-touch provisioning 2.2c Plug-and-Play 2.2d OMP 2.2e TLOC 2.3 Configuration Templates 2.4 Localized Policies 2.5 Centralized Policies Labs     Lab-1: Switch Administration Lab-2: Spanning-Tree Protocol Lab-3: EtherChannel Lab-4: IPv6 Addressing Lab-5: IPv6 Tunneling Lab-6: Named EIGRP Configuration Lab-7: EIGRP Load Balancing Lab-8: EIGRP Optmization and Summarization Lab-9: EIGRPv6 Configuration Lab-10: OSPF Configuration Lab Lab-11: OSPF Area Types Lab Lab-12: OSPF Optmization, Features and Summarization Lab-13: OSPFv3 Configuration Lab-14: iBGP and eBGP Peering Lab-15: Weight and Local Prefrence Attribute Lab16: AS-Path and Origin Code Attribute Lab-17: MED Attribute Lab-18: BGP Route Filtering, Conditional Advertisement Lab-19: Standard and Extended Community Lab-20: Local-AS, Allowas-in, remove-private-as Lab-21: BGP Prefix Aggregation Lab-22: VRF, VRF-Lite Configuration Lab-23: BFD and Policy Based Routing Lab-24: IGMP Snooping & PIM Snooping Configuration Lab-25: MLD Configuration Lab-26: RP Confiugration (Static, Auto-RP & BSR) Lab-27: MSDP Configuration Lab-27: SSM Configuration Lab-28 PIMv6 Anycast RP Lab-30: MPLS L3 VPN Configuration Lab-31: MPLS L3 VPN with BGP RR and Allowas-in/Asoveride Lab-32: MPLS L3 VPN using VPNv6 Address Family Lab-33: MPLS L3 VPN with Extranet (VRF Route Leaking) Lab-34: GRE VPN Lab-35: GRE Over IPSEC Lab-36 MGRE Over IPSEC Lab-37 DMVPN Phase I Lab-38: DMVPN Phase II and Phase III (EIGRP) Lab-39: DMVPN Phase II and Phase III (OSPF) Lab-40: DMVPN Phase III with Dual Hub Lab-41: IKEv2 VPN with Pre-Shared Key Lab-42: Flex VPN Configuration Lab-43: MPLS Over Flex VPN Lab-45: Switch Security/Router Security/Control Plane Policing Lab-46: IPv6 ACL Lab-47: 802.1X Authentication using local database Lab-48: QoS Configuration on Cisco Router - Marking/Classifying Lab-49 NBAR Lab-50 Policing & Shaping Lab-51: HSRP Lab-52 VRRP Lab-53: GLBP Lab-54: IPv6 Redundancy Lab-55: Stateful/Stateless DHCPv6 Lab-56: Static NAT/PAT, Dynamic NAT Lab-57: Dynamic NAT, Policy Based NAT Lab-58: VRF Aware NAT Lab-59: IP SLA, Netflow, Traffic Capture Lab-61: SDA LAN Automation with PnP Lab-62: SDA Configuration Template Lab-63: SDA Identity Policy with ISE Lab-64: SDA Application Policy (Easy QoS) Lab-65: SDA Device Admin Lab-66: SDA Monitoring and Troubleshooting Lab-67 SD-WAN Secure Control Plane Bring Up Lab-68 SD-WAN Data Plane Bring Up Lab-69: SD-WAN Overlay Management Protocol (OMP) Lab-70: SD-WAN vManage Template Lab-71: SD-WAN vSmart Policies Lab-72: SD-WAN vAnalaytic Lab-73: Troubleshooting SD-WAN    

Published - Tue, 13 Apr 2021

Created by - Orhan Ergun

Cisco Viptela SD-WAN Training

Cisco Viptela SD-WAN Training. I recently added Self Paced Cisco Viptela SD-WAN training under Training on the website. You can purchase it and start studying the course right away. This course covers all SD-WAN  concepts from basic to advance level. Not only many hours theory and design, but there are more than 12 hours Lab/Configuration in this course to demonstrate, different features in SD-WAN. Students of this course are placed in a study group, so when they have any problem, we support them in the group. This is key for learning and I follow the same methodology in all my trainings. It covers at the moment, Cisco Viptela SD-WAN but when the new content is available for the other vendors SD-WAN solution, students will be able to access the new content for free as well. Starting from installing certificates on the SD-WAN Controller (VBond, VSmart, VManage), all the way cloud integration, Direct Internet Access, Dynamic Path Selection, Application Based Traffic Engineering, QoS, Forward Error Correction, Deduplication, Zero Touch Provisioning and many other topics are covered from theory and design aspects and demonstrated in a Lab environment. Last but not least, guest designers will discuss their real life SD-WAN design and deployment with Orhan Ergun and students will be able to access any newly added discussions, labs or materials in this course for free! You can purchase this course as a part of CCIE Enterprise Infrastructure Training as well. As usual, Orhan Ergun offers you the best course!   Cisco Viptela SD-WAN Course Outline: Below are some labs which we will be performing inn this course ·      Deploying DNS/NTP/Certificate Authority Services on Windows Server ·      Onboarding Controllers ·      Getting Edge devices serial file from cisco (using Smart Account) ·      Onboarding Edge devices (Viptela and IOS-XE devices) ·      Working with feature/device templates ·Configuring NAT features on Edge devices (Overloading NAT, Port-Forwarding, Static 1:1) ·   TLOC Extension configuration   Working with Centralized Control Policies: ·    VPN Membership ·    Hub-and-Spoke Topology ·    Route Prioritization   Working with Centralized Data Policies: ·    Service Insertion (Service Chaining) ·    Blocking Applications ·    AAR (Application Aware Routing) ·    Traffic Engineering ·    QoS (Policer) ·    QoS (Classification/Marking) of applications   Working with Localized Control Policies: ·    BGP Route-Policy Configuration   Working with Localized Data Policies: ·    Defining Queues ·    QoS (Classification using ACLs) ·    QoS (Scheduling) Prerequisite Knowledge: Familiarity with Basics of the routing protocols Familiarity with LAN, WAN and Datacenter basic terminologies such as VLAN, STP, IP, Router, Switch, Firewall etc.   Please contact with [email protected] for group discounts, corporate trainings and any other non-technical topics.

Published - Thu, 06 Aug 2020

Created by - Orhan Ergun

Will March 19, 2020 CCDE Practical exam be cancelled due to Coronavirus?

Will March 19, 2020 CCDE Practical exam be cancelled?   These days many students are asking in my CCDE Study groups about CCDE Practical exam and whether it will be cancelled due to Coronavirus?. You are not maybe my student (Yet:)) but I think you should be informed as well, thus I decided to share this post publicly. I talked to Cisco CCDE Program Manager and He told me that they don't have a plan to cancel it for the March 19, 2020 CCDE Practical Exam at the moment, but they are closely following the situation. Given the nature of the virus outbreak, things could of course change rather quickly! So, as of now, March 7, 2020, exam will happen on March 19. And, unless an official announcement is made, things go on as planned. I will let you know if I hear from any different official news from Cisco. Stay tuned and you can follow this post.

Published - Mon, 09 Mar 2020

Created by - Orhan Ergun

Will CCDE Practical Exam (Lab) Change in 2020?

Will CCDE Exam (Lab) change in 2020. I have been receiving this question again and again after Cisco’s announcement on Cisco certification exam changes. Short answer is NO. Little bit long answer is, it will not change in February 2020 and in fact it has been the only design certification since many years. (Cisco I should say, I am not sure if other vendors have similar certification track, please write in the comment section if you know) Cisco will add by February 2020, design section to existing CCIE certification though. This shows the importance of the design in networking and I have been talking and writing about the importance of design knowledge for the CCIE engineers. Probably someone heard my voice finally.Anyway, CCDE stays as pure design certification and we will see more design questions in CCIE certifications as well after Feb 2020. This is a right move by Cisco, keep the value of your high level certification!

Published - Wed, 27 Nov 2019

Created by - Orhan Ergun

Global CCDE List

How many CCDEs are there in the world?What country has the most CCDEs? How do you become a CCDE Global List member?You can find out the answers to these questions below. If you have a CCDE number, if you changed your country or company share it in the comment box below or contact me directly. This list will be updated as soon as new members are accredited. You can be the one of them.More than 60 of these CCDEs passed the exam after Orhan Ergun’s CCDE bootcamp. Total Number of CCDE: 430 Top Companies Top Countries Lady CCDE (4 CCDE) Cisco (94 CCDE) U.S (105 CCDE) Denise Fishburne Conscia (8 CCDE) U.K (22 CCDE) Louise Simmons AT&T (5 CCDE) Germany (13 CCDE) Lauren Child Dimension Data (4 CCDE) UAE (11 CCDE) Irene Salas VMware (4 CCDE)  Australia (9 CCDE) GLOBAL CCDE LIST Name Company Number Country Russ White Ericsson 20070001 US John Cavanaugh NetCraftsmen 20070002 US Bruce Pinsky Intuit 20070003 US Khalid Raza Viptela 20070004 US William Parkhurst Soliel 20070005 US Alvaro Retana Cisco 20070006 US Mosaddaq Turabi Viptela 20070007 US Steve Barnes 20070008 Ryan Hicks Insight 20080001 US Michael Morris NetApp 20080002 US Reinhold Fischer Cisco 20080003 Germany Tom Whaley Cisco 20090001 US Radu Hambasan Independent Consultant 20090002 Switzerland Jeremy Filliben Pristine Packets 20090003 U.S Claus Holbech Conscia 20090004 Denmark Mark Mckillop Cisco 20090005 U.K Ryan Niemes 20090006 Frederic Dery 20090007 Jim Bailey Cisco 20090008 U.S Benjamin Jones Cisco 20090009 Erik Neudenberger 20090010 Michael Kopp Isarnet 20090011 Germany Stefan Oettl 20090012 Scott Morris CBT Nuggets 20090013 U.S Denise Fishburne Cisco 20090014 U.S Cristian Caramida KCG 20100001 U.K Louise Simmons RBS 20100002 U.K John Elliott Cisco 20100003 U.S Alexey Mitronichev Cisco 20100004 Russia Peter Simmons Neurotech 20100005 U.K Arie Vayner Google 20100006 U.S Petr Lapukhov Facebook 20100007 U.S Jose Moreno Azure 20100008 Germany Andreas Gallenmueller Isarnet 20100009 Germany Joe Williams 20100010 Stephane Picard Google 20100011 Switzerland Terry Pattinson Cisco 20100012 U.K James Haynes 20100013 Luis Rueda Cisco 20110001 Colombia Jorg Buesink Inetzero 20110002 Netherlands Eddie Kempe WWT 20110003 U.S Robert Trinajstic Cisco 20110004 U.K Sean Crocker Sirius 20110005 U.S Tony Brown London University 20110006 U.K Adam Asay Invite Networks 20110007 U.S Joe Dorman Cisco 2011008 U.S Leo Lahteenmaki Cisco 20110009 Finland Aaron Aday Cisco 20110010 U.S Peter Hoei 20110011 Jesper Revald Conscia 20110012 Denmark Dietmar Gaar 20110013 John Donlon Gekko 20110014 U.K Aniruddha Parkhi Microsoft 20110015 U.S Martin Perez AT&T 20110016 Argentina Cyril Blondin McKay Brothers 20110017 France Mihai Petcu Cronus 20110018 Romania David Flagel Cisco 20110019 U.S Khawar Butt KBITS 20110020 India Lauren Child Centiant 20110021 U.K Matthew Duncan GDT Labs 20110023 U.S Marcelo Garcia Cisco 20110024 Argentina Christian Emmert Atos 20110025 Germany Jukka Okkonen Atea 20110026 Finland Graham Sheppard Cisco 20110027 U.S Vijaya Vuppala Dentons 20110028 U.S Ronald Angello 20120001 Gerard Kirby 20120002 U.S Alfred Lumbis 20120003 Yuri Lukin 20120004 Sergey Voropaev Cisco 20120005 U.S Maciej Rzehak UC RUSAL 20120006 Russia Piotr Jablonski Trecom 20120007 Poland Errol Robichaux Cisco 20120008 Poland Sebastian Pasternacki Cisco 20120009 U.S Joni Oksanen Cisco 20120011 Poland Thomas Young 20120012 David Yarashus NetCraftsmen 20120013 U.S Bradford Chatterjee Cisco 20120014 U.S Matthew White 20120015 Marco Van DerVlugt Routz 20120016 Netherlands Lukasz Bromirski Cisco 20120017 Poland James Luther KPMG 20120018 Poland Edward Ruszkiewicz CDW 20120019 U.K Basile Bluntschli WLAN 20120020 Switzerland Marco Morales Cisco 20120021 Switzerland William Nellis Cisco 20120022 Peru Patricio Villar AT&T 20120023 U.S Andre Laurent Cisco 20120024 Argentina Brett King NSW 20130001 U.S Michel Le Vieux Cisco 20130002 Australia Jerome Dolphin The Frame Group 20130003 Australia Gerd Pflueger Cisco 20130005 Robert Barton xPertext 20130006 U.K Philippe Jounin Orange 20130007 France Mustafa Bayramov Cisco 20130008 UAE Chance Whaley Cisco 20130009 U.S Shawn Zandi Linkedin 20130010 U.S Joao Almeida Cisco 20130011 Portugal Rolf Schaerer Cisco 20130012 Switzerland Brian Mcgahan INE 20130013 U.S Michael Mallory 20130014 Markus Harbeck Cisco 20130015 Germany Ahmed Abro VMware 20130016 U.S Himawan Nugroho Google 20130018 Switzerland Bent Ole Lokken Datametrix 20130019 Norway Jeffrey Moore VMware 20130020 Germany Thomas Loran Cisco 20130021 U.S Ali Youssef 20130022 Krzystod Mazepa Cisco 20130023 Poland Paulo Silva IBM 20130024 Brazil Alexander Clark 20130025 Karoly Barsony T-Systems 20130026 Hungary Fatos Dervisi 20130027 Manfred Brabec Cisco 20130028 Austria Michael Weller 20130029 Carlos Manjarres 20130031 SWasim El Omari 20130032 Axel Dittmann Cisco 20130033 Germany SimonLemire Cisco 20130036 Canada Oyvind Ellefsen Atea 20130037 Norway Amit Pal Singh Cisco 20130039 U.S Nikolay Kartashev Cisco 20130040 Australia Marius Holmsen VMware 20130041 Norway Richard Gallagher Cisco 20130042 U.S Richard Mallory 20130043 Mexico Israel Gonzalez Cisco 20130044 Australia Jeroen De Graaf 20130046 Germany Jon Pike Cisco 20130048 UAE Johannes Luther Isarnet 20130049 Canada Ken SuanJong Yeo Cru 20130050 U.S Quinton Coelho Cisco 20130054 U.S Pavel Denisov Cisco 20130055 Russia Stephen Lynn Cisco 20130056 U.S Joseph Foley Harris Caprock 20130057 U.S Steve Klonsky Netelligent 20130058 U.S Roberto Gonzalez 20130059 Russia Travis Jones 20130060 Bernard Wall Cisco 20130061 Chile Diptanshu Singh Cisco 20130063 U.S Dmitry Volkov Data Corp 20130065 U.K Marwan Al-Shawi BT 20130066 UAE Pedro Jose Sanchez 20130067 Ahmed Shams 20130069 Dave Fusik Cisco 20130070 U.S Dana Yanch Insight 20130071 US David Gurley Illumio 20130072 US Yufeng Yang Bell 20130073 Canada Jeffrey Drehobl Amazon 20130074 Ireland Nicolas Leiva Cisco 20130075 U.S Andrew Mallory Secure-24 0130076 U.S Denis Zuev Juniper 20130077 U.S Marcelo Fernandez Cisco 20130078 Chile Kleine Dutra Logicalis 20130079 U.S Cahyadi Gunawan 20130080 Andreas Baekdahl Axcess 20130081 Denmark Kazunori Sakumoto 20140001 Japan Manu Mohan Dimension Data 20140002 India Virgilio Spaziani Cisco 20140003 Switzerland Hinwoto Cisco 20140004 Indonesia Harish Balakrishnan Itelligent 20140005 UAE Dr.Kalaiarul Dharmalingam  Vodafone 20140006  Australia Richard Bauer High Point 20140008 U.S Chandrasekhar Lingamgunta 20140009 Sean Garrett Cisco 20140011 U.S Federico Cossu Alcatel-Lucent 20140012 Italy Haibin Zhou Cisco 20140013 U.S Sam Nazzal Cisco 20140014 UAE Ali Afrouzi Bobsweep 20140015 U.S Paulo Maffei Vodafone 20140016 Australia Orhan Ergun CCDE Trainer 20140017 Qatar Andrey Golovanov Amazon 20140019 Ireland Hector Bertomeu Cisco 20140021 Spain Paul Tatum Cisco 20140022 U.S Bernardo Frias 20140024 Riggs Goodman Cisco 20140025 U.S Michael Kowal Cisco 20140026 U.S Willy George Omantel 20140028 Oman Arthur Siahaan Cisco 20140029 Indonesia Robert William Total 20140030 U.S Colin Brown Capita 20140031 U.K Oliver Fischer Cisco 20140032 Germany Ashraf Esmat Asghal 20140033 Qatar Jason Madsen Cisco 20140037 U.S Piotr Jarzynka 20140038 Richard Alexander Logicalis 20140039 U.K Benjamin Parrish Cisco 20140043 U.S Shijo George Mannai 20140044 Qatar Mikkel Troest Conscia 20140046 Denmark Andrea Reggiani Lutech 20140048 Italy Michael Edwards GTRI 20140050 U.S Ryan Pinga Presidio 20140051 U.S Emanuel Lipschutz Conscia 20140052 Sweden Micah Bartell Equinix 20140053 U.S Alex Jerrold Dimension Data 20140054 U.S Edward Szurek Unisys 20140055 U.S Johnny Pedersen Conscia 20140057 Denmark Daniel Demmler 20140058 Germany Gullermo Trueba Cisco 20140059 Spain Jesse Loggins T-Mobile 20140060 U.S Ahmed Abed Cisco 20140061 Qatar Toni Germano Cisco 20140062 Finland Harindha Fernando nCinga 20140063 Singapore Rasesh Patel Loblaw 20140065 Canada Dave Gress Compucom 20140066 U.S Mohamed Abo Radwan Meeza 20140067 Qatar Paul Miller Cisco 20140069 U.S Darren Horobin Step Ahead 20140071 U.K Graham Hopkins Wolf Rock 20140072 U.K William Warner III 20140079 Pete Underwood Cox 20140081 U.S Paul Merlo 20140082 Christopher Diebold Visa 20150002 U.S Hamed Zolghadri BMI 20150003 UAE Marc Pascolini Cisco 20150004 France Khurram Masood Cisco 20150007 U.S Adrian Nomur WWT 20150008 U.S Silju Pillai Itelligent 20150014 UAE Roy Lexmond Routz 20150017 Netherlands Irene Salas Cisco 20150029 Venezuela Jean-Louis Auzepy VCE 20150034 Canada Mark Giacoboni Presidio 20150035 U.S Daniel Lardeux Post Telecom PSF 20150039 Luxembourg Daren Fulwell ANS 20150041 UK Jun Kato Cisco 20150044 Japan Driss Jabbar Axians 20150046 France Nuno Marques AXIANS 20150047 Portugal Shahin Mammadov Azercell 20150050 Azerbaijan Belete Ageze Cisco 20150051 U.S Yoshinori Okayama Root Riff 20160001 Japan Alexy Zaluzhny Cisco 20160002 Russia Diego Hernandez Cisco 20160003 U.K Neil Moore VMware 20160005 U.S Martin J Duggan AT&T 20160006 U.S Joel Wheeler Cisco 20160007 U.S Daniel Gheorghe Cisco 20160008 Germany Paolo Amendola Cisco 20160010 Italy Daniel Dib Conscia 20160011 Sweden Sean Flynn Dimension Data 20160013 Australia Hashiru Aminu Cisco 20160014 Saudi Arabia Anders C. Pedersen Conscia 20160015 Denmark Muhammad Abubakar Siddique Juniper Networks 20160016 U.S Syed Adeel Qamar Etisalat 20160018 UAE Andre Azevedo Dimension Data 20160019 U.K Mark Holm Axcess A/S 20160020 Denmark James Akroyd AT&T 20160021 Sweden Ryan Finneran NES 20160023 U.S Carlos Martinez Kovarus 20160025 U.S Danu Kurniawan PT 20160027 Indonesia Tahir Munir Accenture 20160031 U.S Michael Zsiga Cisco 20160032 U.S Ramcharan Arya 20160034 U.S Felix Nkansah Apotica 20160036 Ghana Francisco Solano Tetris 20160037 U.S Naveed Afzal IBM 20160038 UAE Daniel Lazar European Patent Office 20160039 Netherlands Nicholas Russo Cisco 20160041 U.S Youssef El Fathi Orange 20160043 France Muhammad Tayyab Munir Acuative 20160044 Saudi Arabia Sean Mathias Verizon 20160045 U.S Joel Desaulniers Telus 20160047 Canada Vinod Gupta Mcoach 20170008 India Vijay Pawar Cisco 20170012 India Shijimon Aliyarukunju Meeza 20170013 Qatar Hilal Sherif NABS 20170018 UAE Kim Pedersen Lytzen 20170021 Denmark Wade Lehrschall Cisco 20170023 U.S Oscar Saori Impala 20170025 Spain Imran A. Stamford Hospital 20170028 U.S Muhammad Naeem Georgetown University 20170029 U.S Malcolm Booden Bayer 20170037 U.K Julian Rodriguez Netsync 20170038 U.S Jason Mangawang HomeAway 20170039 U.S Phil Beaudoin  Cisco 20170040 U.S Binh Lam NTT Communications 20170042 Australia Jesus Cahuao Riera Cisco 20170044 Australia Plamen Mladenov VMware 20170046 Bulgaria Ken Young Nova Scotia 20170047 Canada Thomas Dunteman Cisco 20170048 U.S Thomas Sillaber  Arista Networks 20170049 Germany Ad Spelt KPN 20170050 Netherlands Dave Raney AT&T 20170051 U. S Jaroslaw Dobkowski eCom Solutions Ltd 20170053 Ireland Constantin Mohorea Index Exchange 20170054 Canada Young-Soo IBM GTS Global 20170055 Singapore Arshad Dhunna Cciehome 20170056 India Keith Baldwin Cisco 20170057 U. S Haiyu Dong StarHub 20170058 Singapore Bryan Bartik CompuNet, Inc. 20170059 U. S Marcin Zimnica  Fidelity International 20170060 Ireland Hady Abdellah  MACS ME. 20180001 Qatar Vitalii Berezovskyi Cisco 20180003 Poland Giedrius Trapkauskas  Liberty Global 20180004 Lithuania Abe Basurto Cisco 20180006 U.S Igor Osadchuk Gameloft 20180007 Canada Tom Newsome Cisco 20180008 U.S Volodymyr Khavroniuk  Cisco 20180010 U. S Rahul Bhatt  Cisco 20180012 India Ralph Olsen Conscia A/S 20180014 Denmark Michael McPhee Cisco 20180018 U.S Eugene McCall Iron Bow Technologies 20180019 U.S

Published - Tue, 26 Nov 2019