SPECIAL OFFERS
Keep up with new releases and promotions. Sign up to hear from us.
Also available in other formats.
Register your product to gain access to bonus material or receive a coupon.
CCNP and CCIE Enterprise Core ENCOR 350-401, Premium Edition eBook and Practice Test
Save 50% - Limited Time, Introductory Offer
The exciting new CCNP and CCIE Enterprise Core ENCOR 350-401 Exam Cram, Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with an enhanced Pearson IT Certification Practice Test. The Premium Edition eBook and Practice Test contains the following items:
Download the sample pages (includes Chapter 6)
Introduction. . . . . . . . . . . . . . . . . . . . . . . xxiii
Part I: Infrastructure
CHAPTER 1
Understanding Layer 2.. . . . . . . . . . . . . . . . . . . . 1
VLANs Overview.. . . . . . . . . . . . . . . . . . . . 3
Spanning Tree Protocol Overview. . . . . . . . . . . . . . 19
EtherChannels.. . . . . . . . . . . . . . . . . . . . 47
Review Questions.. . . . . . . . . . . . . . . . . . . 57
Further Reading.. . . . . . . . . . . . . . . . . . . . 58
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 58
CHAPTER 2
Understanding Layer 3: IGPs.. . . . . . . . . . . . . . . . . 59
IP Routing Essentials. . . . . . . . . . . . . . . . . . 60
Enhanced Interior Gateway Routing Protocol (EIGRP). . . . . . 68
Open Shortest Path First (OSPF).. . . . . . . . . . . . . . 80
Review Questions.. . . . . . . . . . . . . . . . . . . 100
Further Reading.. . . . . . . . . . . . . . . . . . . . 101
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 101
CHAPTER 3
Understanding Layer 3: BGP. . . . . . . . . . . . . . . . . 103
BGP Fundamentals.. . . . . . . . . . . . . . . . . . . 104
BGP Configuration and Verification.. . . . . . . . . . . . . 112
Review Questions.. . . . . . . . . . . . . . . . . . . 120
Further Reading.. . . . . . . . . . . . . . . . . . . . 121
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 121
CHAPTER 4
IP Services.. . . . . . . . . . . . . . . . . . . . . . . 123
Network Time Protocol (NTP).. . . . . . . . . . . . . . 124
Network Address Translation (NAT).. . . . . . . . . . . . . 134
First-Hop Redundancy Protocols (FHRPs). . . . . . . . . . . 143
Multicast.. . . . . . . . . . . . . . . . . . . . . . 156
Review Questions.. . . . . . . . . . . . . . . . . . . 165
Further Reading.. . . . . . . . . . . . . . . . . . . . 166
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 166
CHAPTER 5
Enterprise Wireless.. . . . . . . . . . . . . . . . . . . . 167
Wireless Basics.. . . . . . . . . . . . . . . . . . . . 168
WLC and AP Operation and Pairing. . . . . . . . . . . . . 176
Wireless Roaming. . . . . . . . . . . . . . . . . . . 185
Review Questions.. . . . . . . . . . . . . . . . . . . 191
Further Reading.. . . . . . . . . . . . . . . . . . . . 192
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 192
Part II: Security
CHAPTER 6
Device Access Control.. . . . . . . . . . . . . . . . . . . 193
Cisco IOS CLI Session Overview.. . . . . . . . . . . . . . 194
Authentication, Authorization, and Accounting (AAA) Overview.. . . 210
Review Questions.. . . . . . . . . . . . . . . . . . . 217
Further Reading.. . . . . . . . . . . . . . . . . . . . 218
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 218
CHAPTER 7
Infrastructure Security.. . . . . . . . . . . . . . . . . . . 219
Access Control Lists (ACLs) Overview. . . . . . . . . . . . 220
Control Plane Policing (CoPP). . . . . . . . . . . . . . . 233
Review Questions.. . . . . . . . . . . . . . . . . . . 236
Further Reading.. . . . . . . . . . . . . . . . . . . . 237
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 237
CHAPTER 8
Securing REST APIs. . . . . . . . . . . . . . . . . . . . 239
REST API Security.. . . . . . . . . . . . . . . . . . . 240
Review Questions.. . . . . . . . . . . . . . . . . . . 245
Further Reading.. . . . . . . . . . . . . . . . . . . . 245
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 245
CHAPTER 9
Wireless Security.. . . . . . . . . . . . . . . . . . . . . 247
Wireless Authentication Overview. . . . . . . . . . . . . . 248
Review Questions.. . . . . . . . . . . . . . . . . . . 262
Further Reading.. . . . . . . . . . . . . . . . . . . . 262
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 263
CHAPTER 10
Network Security Design.. . . . . . . . . . . . . . . . . . 265
Threat Defense. . . . . . . . . . . . . . . . . . . . 266
TrustSec, MACsec. . . . . . . . . . . . . . . . . . . 279
Review Questions.. . . . . . . . . . . . . . . . . . . 284
Further Reading.. . . . . . . . . . . . . . . . . . . . 285
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 285
CHAPTER 11
Network Access Control. . . . . . . . . . . . . . . . . . . 287
Cisco Identity Services Engine (ISE).. . . . . . . . . . . . . 288
Review Questions.. . . . . . . . . . . . . . . . . . . 296
Further Reading.. . . . . . . . . . . . . . . . . . . . 296
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 297
Part III: Automation
CHAPTER 12
Anatomy of Python. . . . . . . . . . . . . . . . . . . . . 299
Interpreting Python Components and Scripts.. . . . . . . . . . 300
Review Questions.. . . . . . . . . . . . . . . . . . . 313
Further Reading.. . . . . . . . . . . . . . . . . . . . 314
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 314
CHAPTER 13
Building JSON Files.. . . . . . . . . . . . . . . . . . . . 315
Data Formats (XML and JSON).. . . . . . . . . . . . . . 316
Review Questions.. . . . . . . . . . . . . . . . . . . 323
Further Reading.. . . . . . . . . . . . . . . . . . . . 324
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 324
CHAPTER 14
YANG Data Modeling.. . . . . . . . . . . . . . . . . . . . 325
YANG Data Modeling. . . . . . . . . . . . . . . . . . 326
Review Questions.. . . . . . . . . . . . . . . . . . . 332
Further Reading.. . . . . . . . . . . . . . . . . . . . 332
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 332
CHAPTER 15
DNA Center and vManage APIs. . . . . . . . . . . . . . . . 333
APIs for Cisco DNA Center and vManage.. . . . . . . . . . . 334
Review Questions.. . . . . . . . . . . . . . . . . . . 344
Further Reading.. . . . . . . . . . . . . . . . . . . . 344
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 344
CHAPTER 16
Interpreting REST API Codes.. . . . . . . . . . . . . . . . . 345
Interpreting REST API Response Codes.. . . . . . . . . . . 346
Review Questions.. . . . . . . . . . . . . . . . . . . 349
Further Reading.. . . . . . . . . . . . . . . . . . . . 349
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 349
CHAPTER 17
EEM Applets.. . . . . . . . . . . . . . . . . . . . . . . 351
Embedded Event Manager (EEM).. . . . . . . . . . . . . 352
Review Questions.. . . . . . . . . . . . . . . . . . . 362
Further Reading.. . . . . . . . . . . . . . . . . . . . 362
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 362
CHAPTER 18
Configuration Management and Orchestration.. . . . . . . . . . 363
Agent-Based Orchestration Tools.. . . . . . . . . . . . . . 365
Agentless Orchestration Tools. . . . . . . . . . . . . . . 372
Review Questions.. . . . . . . . . . . . . . . . . . . 378
Further Reading.. . . . . . . . . . . . . . . . . . . . 378
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 378
Part IV: Architecture
CHAPTER 19
Enterprise Network Design Principles.. . . . . . . . . . . . . . 379
Hierarchical LAN Design Model.. . . . . . . . . . . . . . 380
First-Hop Redundancy Protocols (FHRPs). . . . . . . . . . . 392
Hardware Redundancy Mechanisms.. . . . . . . . . . . . . 400
Review Questions.. . . . . . . . . . . . . . . . . . . 407
Further Reading.. . . . . . . . . . . . . . . . . . . . 408
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 408
CHAPTER 20
Wireless LAN Deployments. . . . . . . . . . . . . . . . . . 409
Wireless Deployment Models. . . . . . . . . . . . . . . 410
Wireless Location Services. . . . . . . . . . . . . . . . 427
Review Questions.. . . . . . . . . . . . . . . . . . . 430
Further Reading.. . . . . . . . . . . . . . . . . . . . 431
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 431
CHAPTER 21
On-Premises vs. Cloud Infrastructure.. . . . . . . . . . . . . . 433
Cloud Infrastructure Basics.. . . . . . . . . . . . . . . . 434
Cloud Services Models. . . . . . . . . . . . . . . . . . 438
Cloud Deployment Models.. . . . . . . . . . . . . . . . 444
On-Premises or Cloud Infrastructure. . . . . . . . . . . . . 447
Review Questions.. . . . . . . . . . . . . . . . . . . 449
Further Reading.. . . . . . . . . . . . . . . . . . . . 450
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 450
CHAPTER 22
SD-WAN.. . . . . . . . . . . . . . . . . . . . . . . . 451
SD-WAN Overview.. . . . . . . . . . . . . . . . . . 452
SD-WAN Architecture Components.. . . . . . . . . . . . . 459
Review Questions.. . . . . . . . . . . . . . . . . . . 465
Further Reading.. . . . . . . . . . . . . . . . . . . . 466
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 466
CHAPTER 23
SD-Access. . . . . . . . . . . . . . . . . . . . . . . . 467
SD-Access Overview.. . . . . . . . . . . . . . . . . . 468
SD-Access Architecture.. . . . . . . . . . . . . . . . . 471
SD-Access Operational Planes.. . . . . . . . . . . . . . . 474
SD-Access Fabric Roles and Components.. . . . . . . . . . . 477
Review Questions.. . . . . . . . . . . . . . . . . . . 484
Further Reading.. . . . . . . . . . . . . . . . . . . . 484
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 485
CHAPTER 24
QoS. . . . . . . . . . . . . . . . . . . . . . . . . . 487
The Need for QoS.. . . . . . . . . . . . . . . . . . . 488
QoS Models and Components.. . . . . . . . . . . . . . . 493
Congestion Management and Congestion Avoidance.. . . . . . . 499
Review Questions.. . . . . . . . . . . . . . . . . . . 503
Further Reading.. . . . . . . . . . . . . . . . . . . . 503
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 504
CHAPTER 25
Switching.. . . . . . . . . . . . . . . . . . . . . . . . 505
Traffic Forwarding Basics. . . . . . . . . . . . . . . . . 506
Forwarding Architectures. . . . . . . . . . . . . . . . . 511
Review Questions.. . . . . . . . . . . . . . . . . . . 522
Further Reading.. . . . . . . . . . . . . . . . . . . . 523
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 523
Part V: Virtualization
CHAPTER 26
Basic Virtualization.. . . . . . . . . . . . . . . . . . . . 525
Virtualization Overview.. . . . . . . . . . . . . . . . . 526
Virtual Machines (VMs). . . . . . . . . . . . . . . . . 532
Virtual Switching.. . . . . . . . . . . . . . . . . . . 535
Review Questions.. . . . . . . . . . . . . . . . . . . 542
Further Reading.. . . . . . . . . . . . . . . . . . . . 543
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 543
CHAPTER 27
VRF Instances, GRE, and IPsec. . . . . . . . . . . . . . . . 545
Virtual Routing and Forwarding (VRF).. . . . . . . . . . . . 546
Generic Routing Encapsulation (GRE).. . . . . . . . . . . . 552
IPsec VPNs.. . . . . . . . . . . . . . . . . . . . . 558
Review Questions.. . . . . . . . . . . . . . . . . . . 570
Further Reading.. . . . . . . . . . . . . . . . . . . . 571
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 571
CHAPTER 28
Extending the Network Virtually.. . . . . . . . . . . . . . . . 573
Locator ID/Separation Protocol (LISP).. . . . . . . . . . . . 574
Virtual Extensible LAN (VXLAN).. . . . . . . . . . . . . 580
Review Questions.. . . . . . . . . . . . . . . . . . . 585
Further Reading.. . . . . . . . . . . . . . . . . . . . 586
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 586
Part VI: Network Assurance
CHAPTER 29
Troubleshooting.. . . . . . . . . . . . . . . . . . . . . . 587
Troubleshooting Overview.. . . . . . . . . . . . . . . . 588
Simple Network Management Protocol (SNMP).. . . . . . . . 604
Review Questions.. . . . . . . . . . . . . . . . . . . 610
Further Reading.. . . . . . . . . . . . . . . . . . . . 611
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 611
CHAPTER 30
Monitoring. . . . . . . . . . . . . . . . . . . . . . . . 613
Syslog.. . . . . . . . . . . . . . . . . . . . . . . 614
NetFlow and Flexible NetFlow. . . . . . . . . . . . . . . 620
Switch Port Analyzer (SPAN), Remote SPAN (RSPAN), and Encapsulated Remote SPAN (ERSPAN)... 632
Review Questions.. . . . . . . . . . . . . . . . . . . 639
Further Reading.. . . . . . . . . . . . . . . . . . . . 640
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 640
CHAPTER 31
IP SLA and DNA Center.. . . . . . . . . . . . . . . . . . . 641
IP SLA Overview.. . . . . . . . . . . . . . . . . . . 642
Cisco DNA Center Assurance. . . . . . . . . . . . . . . 652
Review Questions.. . . . . . . . . . . . . . . . . . . 660
Further Reading.. . . . . . . . . . . . . . . . . . . . 660
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 660
CHAPTER 32
NETCONF and RESTCONF.. . . . . . . . . . . . . . . . . . 661
NETCONF. . . . . . . . . . . . . . . . . . . . . 662
RESTCONF.. . . . . . . . . . . . . . . . . . . . . 668
Review Questions.. . . . . . . . . . . . . . . . . . . 671
Further Reading.. . . . . . . . . . . . . . . . . . . . 671
Whats Next?.. . . . . . . . . . . . . . . . . . . . . 671
Glossary.. . . . . . . . . . . . . . . . . . . . . . . . 673
9780136891932, TOC, 2/15/2022