Cisco DNA Center and SD Access

SDN-based Network Infrastructures

Enterprise networking is currently undergoing a transformation towards centralized network control and programming. This is made possible by the rapid development at the SDN controller level. The Cisco DNA Center (Cisco Digital Network Architecture Center) platform has been optimized for the enterprise sector. For example, it is equipped with modules for the design, security policy and provisioning of SD-Access. In addition, the range of functions can be easily expanded using self-programmed apps. This provides the prerequisites for operating the enterprise network more flexibly and optimally. A trend that has long been implemented in the service provider sector.

Course Contents

Software-Defined Networking (SDN): Motivation and implementation?
Typical use cases
The architecture of SDN solutions
Network Function Virtualization (NFV)
Structure and installation of the Cisco DNA Center
Cooperation between Cisco DNA Center and the Identity Services Engine (ISE)
Design and provisioning of SD-Access using the Cisco DNA Center and the ISE
Tools and apps of the Cisco DNA Center
How does the REST API work?
How can the REST API be used for network programming?

The detailed digital documentation package, consisting of an e-book and PDF, is included in the price of the course.

Target Group

The course is aimed at participants who are involved in the design, planning and implementation of enterprise networks based on Cisco components.

Knowledge Prerequisites

Knowledge of Cisco LAN, WLAN or WAN networks and their practical implementation is the ticket to this course.

1	Software Defined Networking
1.1	Netzwerk und Applikation
1.1.1	Die Idee
1.2	Definition von SDN
1.2.1	Klassische Router/Switch-Netze
1.2.2	Software Defined Networking
1.2.3	Substruktur der Control Plane
1.2.4	Vernetzung mit SDN
1.2.5	Der Weg zu SDN
1.3	Digital Network Architecture (DNA)
1.3.1	DNA/Catalyst Center
1.3.2	Network Fabrics in DNA
1.3.3	Zusammenspiel der Service-Komponenten
1.3.4	Analyse- und Telemetrie-Werte in DNA
1.4	Motivation für Enterprise 4.0
1.4.1	Use Cases für den Einsatz von SD Access

2	Software Defined Access
2.1	SD Access im Überblick
2.1.1	Das Referenzmodell
2.1.2	Netzwerktopologien für die Campus Fabric
2.2	Segmentierung im SDA
2.2.1	Underlay und Overlay
2.2.2	Virtual Networks
2.2.3	IP Pools
2.2.4	Security Groups
2.2.5	Stretched Subnets
2.2.6	Anycast Gateway
2.3	Die Fabric im SDA
2.3.1	Host Mobility
2.3.2	Die Funktion der Identity Services Engine (ISE)
2.3.3	Fabric Nodes
2.3.4	Fabric in a Box
2.3.5	Extended Node
2.4	Einblick in die Technologien
2.4.1	IS-IS
2.4.2	BGP-4
2.4.3	LISP
2.4.4	VXLAN
2.4.5	TrustSec
2.5	Zusammenspiel der Technologien
2.6	Breakouts aus der Fabric Domain

3	Einrichtung des DNA/Catalyst Center
3.1	Inbetriebnahme des DNA/Catalyst Center
3.1.1	Anforderungen an das Netzwerk
3.1.2	DNA/Catalyst Center Cluster
3.1.3	Setzen eines BIOS Passworts
3.1.4	Einrichtung des CIMC
3.2	Basis-Setup mit dem Configuration Wizard
3.3	Erste Schritte nach der Installation
3.3.1	Verbindung zum Web-Server
3.3.2	Integration mit der ISE
3.3.3	ISE als pxGrid Controller
3.3.4	Installation der ISE (1/3)
3.3.5	ISE-Access
3.3.6	Einrichtung eines IP Address Managers
3.3.7	Andere AAA Server

4	Design und Provisioning von SD Access
4.1	Konfiguration des SD Access
4.2	Design App für die Infrastruktur
4.2.1	Anlegen der Network Hierarchy
4.2.2	Anpassungen am Etagenplan
4.2.3	Network Services, Credentials und IP Pools
4.2.4	Anlegen eines Netzwerk-Profils
4.3	Erfassen der Netzwerkkomponenten
4.3.1	Device Discovery
4.3.2	Device Inventory Function
4.3.3	Monitoring der Topology Map
4.4	Software Image Management (SWIM)
4.5	Provision
4.5.1	Das Plug and Play Provisioning
4.5.2	LAN Automation
4.5.3	Site Assignment
4.5.4	Device Provisioning
4.6	Device Replacement
4.7	Einrichten einer Fabric
4.8	Multi-Site Fabric Interconnect
4.8.1	MPLS als IP Transit
4.8.2	Cisco SD Access Transit
4.8.3	Konfiguration eines Transit

5	Host Onboarding im SD Access
5.1	Einrichten von Virtual Networks
5.2	Security Groups in der Policy App
5.2.1	Security Group Tags für User Groups
5.2.2	Policy Sets
5.3	Anlegen von Policies
5.3.1	Anlegen von Custom Access Contracts
5.3.2	Die TrustSec Matrix auf der ISE
5.3.3	Application Policy
5.4	Host Onboarding unter Provision
5.4.1	Authentisierung
5.4.2	Erfassung der Endsysteme

6	Apps und Tools auf dem DNA Center
6.1	Übersicht über weitere Apps
6.1.1	Der Command Runner
6.1.2	Der License Manager
6.1.3	Der Template Editor
6.1.4	Der Model Config Editor
6.1.5	Wide Area Bonjour
6.1.6	Security Advisories
6.1.7	Network Reasoner
6.2	Arbeiten mit dem Template Editor
6.2.1	Aufrufen eines Templates
6.2.2	Editieren eines Templates
6.2.3	Einbindung in ein Network Profile
6.2.4	Anwendung beim Provisioning

7	WLAN und DNA/Catalyst Center
7.1	Klassische WLAN-Architektur
7.1.1	Control and Provisioning of Wireless Access Points
7.1.2	Split-MAC Architektur
7.2	CAPWAP-Verbindungsaufbau
7.2.1	Datenaustausch zwischen Controller und AP
7.2.2	CAPWAP-Verbindungsaufbau
7.2.3	Kommunikationswege im Netz
7.2.4	Layer 2 Roaming
7.3	WLAN und SD Access
7.3.1	SD Access Wireless Protokolle und Kommunikations-Interfaces
7.4	WLAN-Konfiguration auf dem DNA/Catalyst Center
7.4.1	Etagenplan
7.4.2	Anpassungen am Etagenplan
7.5	Anlegen eines Netzwerk-Profils für Wireless
7.5.1	Einstellungen der WLAN-Parameter

8	Assurance und Analytics mit dem DNA/Catalyst Center
8.1	DNA Assurance im Überblick
8.1.1	Vorbereitende Schritte
8.2	Overall Enterprise Health
8.3	Network Health
8.3.1	Device Health: Device 360
8.3.2	Path Trace
8.4	Client Health
8.4.1	Client Dashboard: Client 360
8.5	Application Health
8.5.1	Application 360
8.6	Sensor-Driven Tests
8.6.1	Konfiguration von Tests
8.6.2	Telemetry
8.7	Intelligent Capture
8.7.1	Intelligent Capture für Access Points
8.7.2	Intelligent Capture mit Client 360
8.7.3	Intelligent Capture mit Device 360
8.8	Erstellen von Reports

9	Die REST API des DNA Center
9.1	North- & Southbound Protocols
9.1.1	REST API
9.1.2	REST in Python - requests
9.1.3	XML
9.1.4	JSON
9.1.5	YANG
9.2	Überblick DNA Center API

Classroom training: Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
Hybrid training: Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.
Online training: You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
Tailor-made courses: You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.

You can find the complete description of this course with dates and prices ready for download at as PDF.

Course Contents

Software-Defined Networking (SDN): Motivation and implementation?
Typical use cases
The architecture of SDN solutions
Network Function Virtualization (NFV)
Structure and installation of the Cisco DNA Center
Cooperation between Cisco DNA Center and the Identity Services Engine (ISE)
Design and provisioning of SD-Access using the Cisco DNA Center and the ISE
Tools and apps of the Cisco DNA Center
How does the REST API work?
How can the REST API be used for network programming?

The detailed digital documentation package, consisting of an e-book and PDF, is included in the price of the course.

Target Group

The course is aimed at participants who are involved in the design, planning and implementation of enterprise networks based on Cisco components.

Knowledge Prerequisites

Knowledge of Cisco LAN, WLAN or WAN networks and their practical implementation is the ticket to this course.

1	Software Defined Networking
1.1	Netzwerk und Applikation
1.1.1	Die Idee
1.2	Definition von SDN
1.2.1	Klassische Router/Switch-Netze
1.2.2	Software Defined Networking
1.2.3	Substruktur der Control Plane
1.2.4	Vernetzung mit SDN
1.2.5	Der Weg zu SDN
1.3	Digital Network Architecture (DNA)
1.3.1	DNA/Catalyst Center
1.3.2	Network Fabrics in DNA
1.3.3	Zusammenspiel der Service-Komponenten
1.3.4	Analyse- und Telemetrie-Werte in DNA
1.4	Motivation für Enterprise 4.0
1.4.1	Use Cases für den Einsatz von SD Access

2	Software Defined Access
2.1	SD Access im Überblick
2.1.1	Das Referenzmodell
2.1.2	Netzwerktopologien für die Campus Fabric
2.2	Segmentierung im SDA
2.2.1	Underlay und Overlay
2.2.2	Virtual Networks
2.2.3	IP Pools
2.2.4	Security Groups
2.2.5	Stretched Subnets
2.2.6	Anycast Gateway
2.3	Die Fabric im SDA
2.3.1	Host Mobility
2.3.2	Die Funktion der Identity Services Engine (ISE)
2.3.3	Fabric Nodes
2.3.4	Fabric in a Box
2.3.5	Extended Node
2.4	Einblick in die Technologien
2.4.1	IS-IS
2.4.2	BGP-4
2.4.3	LISP
2.4.4	VXLAN
2.4.5	TrustSec
2.5	Zusammenspiel der Technologien
2.6	Breakouts aus der Fabric Domain

3	Einrichtung des DNA/Catalyst Center
3.1	Inbetriebnahme des DNA/Catalyst Center
3.1.1	Anforderungen an das Netzwerk
3.1.2	DNA/Catalyst Center Cluster
3.1.3	Setzen eines BIOS Passworts
3.1.4	Einrichtung des CIMC
3.2	Basis-Setup mit dem Configuration Wizard
3.3	Erste Schritte nach der Installation
3.3.1	Verbindung zum Web-Server
3.3.2	Integration mit der ISE
3.3.3	ISE als pxGrid Controller
3.3.4	Installation der ISE (1/3)
3.3.5	ISE-Access
3.3.6	Einrichtung eines IP Address Managers
3.3.7	Andere AAA Server

4	Design und Provisioning von SD Access
4.1	Konfiguration des SD Access
4.2	Design App für die Infrastruktur
4.2.1	Anlegen der Network Hierarchy
4.2.2	Anpassungen am Etagenplan
4.2.3	Network Services, Credentials und IP Pools
4.2.4	Anlegen eines Netzwerk-Profils
4.3	Erfassen der Netzwerkkomponenten
4.3.1	Device Discovery
4.3.2	Device Inventory Function
4.3.3	Monitoring der Topology Map
4.4	Software Image Management (SWIM)
4.5	Provision
4.5.1	Das Plug and Play Provisioning
4.5.2	LAN Automation
4.5.3	Site Assignment
4.5.4	Device Provisioning
4.6	Device Replacement
4.7	Einrichten einer Fabric
4.8	Multi-Site Fabric Interconnect
4.8.1	MPLS als IP Transit
4.8.2	Cisco SD Access Transit
4.8.3	Konfiguration eines Transit

5	Host Onboarding im SD Access
5.1	Einrichten von Virtual Networks
5.2	Security Groups in der Policy App
5.2.1	Security Group Tags für User Groups
5.2.2	Policy Sets
5.3	Anlegen von Policies
5.3.1	Anlegen von Custom Access Contracts
5.3.2	Die TrustSec Matrix auf der ISE
5.3.3	Application Policy
5.4	Host Onboarding unter Provision
5.4.1	Authentisierung
5.4.2	Erfassung der Endsysteme

6	Apps und Tools auf dem DNA Center
6.1	Übersicht über weitere Apps
6.1.1	Der Command Runner
6.1.2	Der License Manager
6.1.3	Der Template Editor
6.1.4	Der Model Config Editor
6.1.5	Wide Area Bonjour
6.1.6	Security Advisories
6.1.7	Network Reasoner
6.2	Arbeiten mit dem Template Editor
6.2.1	Aufrufen eines Templates
6.2.2	Editieren eines Templates
6.2.3	Einbindung in ein Network Profile
6.2.4	Anwendung beim Provisioning

7	WLAN und DNA/Catalyst Center
7.1	Klassische WLAN-Architektur
7.1.1	Control and Provisioning of Wireless Access Points
7.1.2	Split-MAC Architektur
7.2	CAPWAP-Verbindungsaufbau
7.2.1	Datenaustausch zwischen Controller und AP
7.2.2	CAPWAP-Verbindungsaufbau
7.2.3	Kommunikationswege im Netz
7.2.4	Layer 2 Roaming
7.3	WLAN und SD Access
7.3.1	SD Access Wireless Protokolle und Kommunikations-Interfaces
7.4	WLAN-Konfiguration auf dem DNA/Catalyst Center
7.4.1	Etagenplan
7.4.2	Anpassungen am Etagenplan
7.5	Anlegen eines Netzwerk-Profils für Wireless
7.5.1	Einstellungen der WLAN-Parameter

8	Assurance und Analytics mit dem DNA/Catalyst Center
8.1	DNA Assurance im Überblick
8.1.1	Vorbereitende Schritte
8.2	Overall Enterprise Health
8.3	Network Health
8.3.1	Device Health: Device 360
8.3.2	Path Trace
8.4	Client Health
8.4.1	Client Dashboard: Client 360
8.5	Application Health
8.5.1	Application 360
8.6	Sensor-Driven Tests
8.6.1	Konfiguration von Tests
8.6.2	Telemetry
8.7	Intelligent Capture
8.7.1	Intelligent Capture für Access Points
8.7.2	Intelligent Capture mit Client 360
8.7.3	Intelligent Capture mit Device 360
8.8	Erstellen von Reports

9	Die REST API des DNA Center
9.1	North- & Southbound Protocols
9.1.1	REST API
9.1.2	REST in Python - requests
9.1.3	XML
9.1.4	JSON
9.1.5	YANG
9.2	Überblick DNA Center API

Classroom training: Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
Hybrid training: Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.
Online training: You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
Tailor-made courses: You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.

You can find the complete description of this course with dates and prices ready for download at as PDF.

ExperTeach Identifier: CAEN

Duration & Prices

Prices excl. V.A.T.

Classes in Germany

5 days

€ 3,395

Classes in Switzerland

5 days

€ 4,290

Online training

5 days

€ 3,395

			Date	City
20251208	0	3	12/08/-12/12/25	Frankfurt
20251208	0	3	12/08/-12/12/25	Live Online
20260202	2	3	02/02/-02/06/26	München
20260202	2	3	02/02/-02/06/26	Live Online
20260316	2	3	03/16/-03/20/26	Frankfurt
20260316	2	3	03/16/-03/20/26	Live Online
20260316	2	1	03/16/-03/20/26	Zürich
20260420	2	3	04/20/-04/24/26	Berlin
20260420	2	3	04/20/-04/24/26	Hamburg
20260420	2	3	04/20/-04/24/26	Live Online
20260608	2	3	06/08/-06/12/26	Frankfurt
20260608	2	3	06/08/-06/12/26	Live Online