MPLS22LG

#CLUS
Enterprise MPLS
Customer Case Studies
Khalil Jabr, DSE

BRKMPL-2110
#CLUS
This is not a technology overview or deep dive
This is about how the technology is being used
#CLUS BRKMPL-2110 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Agenda
• Introduction
• 6 Case Studies with:
• Requirements
• Design Overview
• Pros and Cons
• Conclusion
• Summary
• Lessons Learned
Cisco Webex Teams
Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session
How
1 Find this session in the Cisco Events App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space
Webex Teams will be moderated cs.co/ciscolivebot#BRKMPL-2110

by the speaker until June 18, 2018.
Intro
• What is this about?
• Why do I care?
• Newer ways of using MPLS
• Creative designs that solve useful problems
Case 1: Enterprise
Campus
“Effective network segmentation…
restricts communication between
networks and reduces the extent to
which an adversary can move across
the network.”
Network Virtualization
 Groups and services are logically
Resources Internet separated …
Guest / partner access
Departmental separation
Regulatory compliance (HIPPA, PCI …)
Non-Virtualized Building controls, video surveillance
Network Mergers, acquisitions … and many others
 Closed User Groups …
Virtualized
Network
Private
Secure
Independent policies
 Service differentiation
is configured per group / service …
The same application
Dept A Dept B Partner Guest can be unique per group / service
Network Virtualization
How the Network is Viewed, Logically
• One physical network supports many virtual networks

Guests /
Department Function B Partners
A
Virtual Virtual Virtual
Actual Physical Network Infrastructure
Access Control Path Isolation Services Edge
Device Virtualization
MPLS Data
GRE/LISP
GRE MPLS Center
VRFs
802.1q
Internet
 Physically one device
 Logically many devices

– Control plane
– Data plane
VRF
 Virtual devices
VRF
– Router (VRF)
– Switch (VLAN) VRF
– Firewall (Context)
– Etc…
VRF: Virtual Routing and Forwarding
MPLS VPN with Layer 2 Access
Interne
Pros:
WAN Internet
Data t
Center
ASR 9K
 Very scalable
Nexus 7K
 Pseudo-wire support
 IPv6 support (6VPE)
 VSS/vPC Cat 9k/6K
Cons:
 MP-BGP configuration Cat9k
 Multicast configuration is complex Cat 9k/3k/4500
 FHRP on distribution devices
Network- Easy to Flexible Scalable Address Incrementally Mobility

based deploy agnostic deployable aware
12 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
VRF-Lite or MPLS Layer 3 Access
Interne
Pros:
WAN Internet
Data t
Center
ASR 9K
 L3 to the edge
Nexus 7K
 Minimize impact on
distribution layer (FHRP)
 Very scalable Cat 9k/6K
Cons:
 Complex route redistribution Cat9k
 L3 license at access Cat 9k
Network- Easy to Flexible Scalable Address Incrementally Mobility

based deploy agnostic deployable aware
13 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
MPLS L3 VPN Segmentation Building 1 Building 2 Building 3 Building 4
Server segment
Stuff segment
Stuff segment
Stuff segment
Logical segments (virtual partitions)
segment
IT admin
segment
segment
IT admin
segment
segment
IT admin
Student
Student
segment
IT admin
segment
Student
1, Create L2 VLANs on
access edge, and trunk
Server segment IT Admin segment Stuff segment Student sgement them to the upstream
Data Center A router.
Data Center A Building 1 Building 1
Data Center B
802.1q 802.1q
802.1q 802.1q
Data Center B Building 1 Building 2 Building 2
2. Define VRFs on the first
MPLS L2
Building 2 L3 routers (PE), and map
Building 3 Building 3 Building 4 VLANs to them. PE1 PE2 L3
Building 3
Building 4
10G 10G 10G 10G
3. Enable MPLS on all L3 MP-BGP

interfaces connecting PE
P1 10G
and P routers. P2
MPLS L3 VPN keeps all segments

logically separated from each other. 10G 10G 10G 10G
4. Configure MP-BGP on
ALL PE routers to
exchange L3 VPN routes
VPN traffic is now carried end-to- PE3 PE4 L3
L2
end within virtually isolated network 802.1q 802.1q
paths regardless of geographical MPLS encapsulated
locations.
IT admin
segment
segment
IT admin
segment
segment
Server
Server
Original packet
Original packet DC A DC B
Pros & Cons
• Pros:
• Segmentation
• Guest Access
• Security Zones
• Flexible
• Easy to use once initial build
• Scales
• Cons:
• Learning Curve
• No easy button or easy tools
Case 2: SaaS
Requirements
• Connect customers to hosted applications
• Customer must stay seperated (segmented)
• Must support overlapping address space
Big Picture
Design
• CSR1k per customer
• Provides
• Encrypted GRE or VRF
termination
• NAT
• Security filtering
• Peerng with internal ASR for

services
Pros & Cons
• Pros:
• Very large scale
• No config dependency between customers
• Automatable
• Distributed into many DCs
• Supports many business offers
• Cons:
• Requires initial investment into the architecture
• Workflow and tooling/UI development (not off the shelf)
Case 3: Distributed
Firewalls
Requirements
• Intra internal zones: Direct connectivity without firewall
• Inter-zone: Go through firewall
• Connectivity to Partners: Go through firewall
• Connectivity to Outside: Go through firewall
• Firewalls are:
• Distributed across many regions
• Traffic must stay symmetric
R19
Host3
E0/0
Host4
19
R20
2.1
68
4
0/2
.3.
.4. E0/0
68
0/2
E0/0 2.1
19
DC2
4
FW2 PE2 E0/2
E0/1 R17 AS65002
R18 E1/0
E0/0
E0/3
10
.1.
24
5.
/
4.0
0/2
.1.
4
VRFs:
10
E0/3 E0/3
E1/0 E1/0
R9 10.1.6.0/24 R10
E0/2 E0/0
PROD
10
E0/2
•
E0/0
3 DC Example
.1
.2
2.
10.1.21.0/24
0 /2
10.1.20.0/24
4
E0/2 E0/2
PCI
E0/0 E0/0
• R2 R5
• TEST
E0/3 E1/0
E0/3 E1/0
• DMZ 10
.1 .15
/24
.0/
24
10
.0
24
…
14
.1.
.0/
.1.
18
17
10
.0/
.1.
24
/24
10
R3 1.0
6.8
2.1
17
10.1.16.0/24
DC1 E0/0 R1 E0/3 E1/0 SP
FW1 AS65001 .0/
24
E0/3
E0/0 .1 .11 E1/0
10 E0/2
10.1.13.0/24 E0/0
R6 172.16.80.0/24 R25 R22
R14 R7 R4 E0/3 E0/1 172.16.82.0/24
E0/2 10.1.19.0/24 E0/2 E0/0 R12 Host5
24
AS100
.0 /
E0/0
4
10
0/2
E0/0 E0/0
12
/24
24
.1
E0/3 E1/0 E0/3
4
10
0 .0
.3.
/
.1.
0/2
1.
E1/0
9.0
.1
1.1
.1.
0/2
10
. .7
.5.
10
.1.
E0/0 .0
10
/2
68
4
10
E1/0 4
E1/0
2.1
E0/3 E0/2 172.16.83.0/24 E0/0 E0/2
E0/1 R23
19
E0/0
R8 E0/3
E0/3
E0/0
E1/0 E0/3 R11 E0/0 /24
R13 10.1.8 E1/0 68.6.0
E0/0 /24 10.1.2.0/24 .0/24 R21 192.1
68.1.0 Host6
R15 192.1 PE1
E0/2 PE3
192.1
E0/1
68.2.0
Host1 E0/0
DC3
/24
E0/0 R24
AS65003
R16 Host2
FW3
Inter/Intra VRF
Pros & Cons
• Pros:
• Scales nicely across many DCs
• Symmetric traffic
• Local inter-VRF always hits local/regional firewall
• Intra VRF bypasses firewall
• Cons:
• Inter-VRF goes through two firewalls always
• More firewalls requires config/policy coordination
• Automation of firewall rules highly desired
Case 4: WAN w/Colos
Why Hierarchies??
Simpler to Grow
Think modular
Scalable Easier to Understand
Intent Based Networking
As-Is Architectures To-Be Architectures
Traditional DC Centric Core Colo Centric Core
CoLo 2
Secure Agile Exchange
SD-WAN in WAN Access & WAN Core
Global
MPLS MPLS
MPLS
Internet
Internet
Global
MPLS
WAN Core
• The network in between the colos…
• Multiple Solutions:
• IP
• SD-WAN
• MPLS from providers
• Roll your own on top of EPL or WAVE circuits
Colo
US
Imagine Colo
Europe
Colo Colo
Colo
Colo
A Global Network of Colos (or Geo Hubs)
ASIA
Why Roll Your Own?
• Control
• Tight SLA Needs
• HA Needs
• Bandwidth Needs
• Cost
Essentially either outsource connectivity or do it yourself
APAC1
Global WAN Backbone Colo
R
Big Picture US-West
R Colo
R
Dual Plane Architecture: EMEA2
Colo
APAC2
• Very resilient R
R
R
Colo
• Modular Architecture R R
• Side A and Side B Side A

• Isolated Failure Domain R
• Circuits sized based on demand R R Side B

• Increase size or add circuits with US-East R
ECMP Colo
EMEA1
• Cost Efficient Colo
What is MAC Security (MACsec)?
Hop-by-Hop Encryption via IEEE802.1AE
• Hop-by-Hop Encryption model

-Packets are decrypted on ingress port
-Packets are in the clear in the device
Decrypt at Encrypt at
Ingress Egress
-Packets are encrypted on egress port 01101001010001001 01101001010001001
128bit AES GCM Encryption
• Supports 1/10G, 40G, 100G encryption speeds 01101001000110001001001000

everything in clear
through the router
• Data plane (IEEE 802.1AE) and control plane (IEEE 802.1x-Rev)
MACsec PHY
• Transparent to IPv4/v6, MPLS, multicast, routing

• Encryption aligns with Link PHY speed (Ethernet)
128/256 bit AES GCM Encryption 128/256 bit AES GCM Encryption
01001010001001001000101001001110101 011010010001100010010010001010010011101010 01101001010001001
Encrypted
Encrypted Segment
Segment
R2
R1
Sin
R1
R2
SJ
R2
R1 APAC2
EMEA2
R1
R2
w/Regional SD-WAN Ash
London R2
R1
R1 R2
WAN Core With MPLS - Problem Statement
• Visibility Challenges
• Brownouts and Congestion in Network Transport
• Traffic Engineering Complexity
• Lack of Centralized Design Tools
• Complexity
The old way
• LDP Scale
• Inter-AS
• RSVP-TE
• Fast ReRoute
Locally Select Either Side A or Side B
Nexus 7k/9k APAC1
Nexus 7k/9k
US-West
Nexus 7k/9k
Nexus 7k/9k
Nexus 7k/9k
APAC2
Nexus 7k/9k
Nexus 7k/9k
EMEA2
Nexus 7k/9k
Nexus 7k/9k
Nexus 7k/9k
US-East
Nexus 7k/9k
Nexus 7k/9k EMEA1

VPN Traffic (blue plane)
PE
PE
Locally Select Either Side A or Side B Internet Traffic (red plane)
PE
PE
Problem Statement
Circuits between geos are limited by capacity and latency

Why Segment Routing?
• Simple
• Eliminate protocols
• Make Descision, Encode
and Send C
• Path Control A
• Utilizes MPLS data plane Z
• Agility and Scale O

• Reduce control plane state
• Programmable
• Ability for application integration
• Software defined
Customer Requirements/Problems
• Congestion impact on apps and end users
• Latency and packet loss impact
• Imagine millions of concurrent transactions
• Few second outage can have big impact on business
TI-LFA – Zero-Segment Example
• TI-LFA for link R1R2 on R1 A Z
Calculate LFA(s)
Packet to Z Packet to Z
•
R1 R2
• Calculate post-convergence SPT

1000
• Find LFA on post-convergence R5
prefix-SID(Z)
• SPT Packet to Z
R4 R3
• R1 will steer the traffic towards
• LFA R5 Default metric:10
Stateful Path Computational Element (PCE)
Stateful PCE
• PCE maintains topology and path
database (established paths) LSP DB
• Centralized path computation TED
• Enables centralized control of path

PCEP
initiation and updates
• Well suited for SDN deployments
PCC
PCE-initiated
LSP
*Path Computational Client (Router)

*Path Computational Element (Controller)
XTC
• Learn about paths from IGP
domains
• Compute best paths between
nodes
XR Transport Controller (XTC)
• An IOS XR-powered Stateful Path
Computation Element (PCE)
SR PCE
• Can be physical or virtual router
North-Bound API
• Multi-Domain topology Collection Multi-Domain
Computation
Topology
• Real-time reactive feed
• Computation
• Native SR-TE algorithms backed by “Collection” “Deployment”
extensive scientific research1 BGP-LS PCEP
ISIS / OSPF
• Applicable to Centralized (Controller)
and Distributed (Router) deployments
(1) SIGCOMM 2015 whitepaper
WAN Automation Engine (WAE)
• Multi-layer, multi-vendor network
model for path visibility and path
computation
• APIs for planning, optimization,
forecasting and traffic engineering
• WAE is NOT a controller – but
leverages controllers
• Learn topology from XTC
WAE Network Model

Pros & Cons
• Pros:
• Colo based architecture is distributed and scalable
• Efficient in terms of latency
• Great multi-cloud connectivity strategy
• Great Direct Internet Access (DIA) strategy
• MACsec
• Cons:
• (EPL) Circuit mangament and sizing
• Change from traditional designs
Case 5: Multi-Cloud
Regions
Requirements
• Connect to AWS VPCs
• Terminate into VRFs
• Connect all regions to each other
• Connect to DCs
• Inject NGFW inline
What we are trying to accomplish
SP1
SP2
The WAN Core
At the colo
Intelligent Traffic Director (ITD)
• Hardware based load balancing
• Stateless
• High throughput
• HA model
• Creates large FW/IPS capacity
• VRF-Aware
With Service Chains
Remember: ITD is VRF-Aware

Colo Detail
Pros & Cons
• Pros:
• Multi-Cloud/Any-Cloud
• Distributed
• Flexible
• Partner Connections
• Custom automation
• Cons:
• Big design
• BGP skillset
• Custom automation
Case 6: Converging
Business Silos
Requirements
• Coverge 4 independent WANs into a common backbone
• Maximum HA
• Take nodes out of service for maintenance
• Control bandwidth and latency
• Telemetry
• Path control
• L3VPNs
Imagine
Colo Colo
Common
Backbone
Colo Colo
Topologies
Pros & Cons
• Pros:
• Dual Plane
• Traffic engineering
• Control
• Measurements & telemetry
• Converge silos and different networks into a global core
• Cons:
• Learning curve
• Finding the right tools
Conclusion
What you learned
• Traditional MPLS use case for network segmentation
• Connect many different networks
• WAN transport with Segment Routing
• Cloud connectivity with colos
Lessons Learned
• MPLS still very useful for segmentation
• MPLS w/SR for transport is very useful
• Colo based architecture is a major play for consuming cloud
services
• Distributed designs can enable very large and modular
deployments
• MACsec has a major play
• MPLS and SR are relevant
Complete your online session evaluation
Give us your feedback to be entered

into a Daily Survey Drawing.
Complete your session surveys through
the Cisco Live mobile app or on
www.CiscoLive.com/us.
Don’t forget: Cisco Live sessions will be available for viewing
on demand after the event at www.CiscoLive.com/Online.
Continue
your Demos in
the Cisco
Walk-in
self-paced
Meet the
engineer
Related
sessions
education campus labs 1:1
meetings
Thank you
#CLUS
#CLUS
R&S related Cisco education offerings
Course Description Cisco Certification
CCIE R&S Advanced Workshops (CIERS-1 & Expert level trainings including: instructor led workshops, self CCIE® Routing & Switching
CIERS-2) plus assessments, practice labs and CCIE Lab Builder to prepare candidates
Self Assessments, Workbooks & Labs for the CCIE R&S practical exam.
• Implementing Cisco IP Routing v2.0 Professional level instructor led trainings to prepare candidates for the CCNP® Routing & Switching
• Implementing Cisco IP Switched CCNP R&S exams (ROUTE, SWITCH and TSHOOT). Also available in
Networks V2.0 self study eLearning formats with Cisco Learning Labs.
• Troubleshooting and Maintaining
Cisco IP Networks v2.0
Interconnecting Cisco Networking Devices: Builds on ICND1 to provide capabilities needed to configure, implement CCNA® Routing & Switching
Part 2 (or combined) and troubleshoot a small enterprise network. Including: understanding of
Quality of Service (QoS), how virtualized and cloud services interact and
impact enterprise networks, along with an overview of network
programmability and the related controller types and tools that are
available to support software-defined network architectures.
Also available in self study eLearning format with Cisco Learning Lab.
Interconnecting Cisco Networking Devices: Understand layer 2 and layer 3 networking fundamentals needed to CCENT® Routing & Switching
Part 1 install, configure, and provide basic support of small/branch networks.
Covers network device security and IPv6 basics. Also available in self
study eLearning format with Cisco Learning Lab.
For more details, please visit: http://learningnetwork.cisco.com

Questions? Visit the Learning@Cisco Booth
Design Cisco education offerings
Designing Cisco Network Service Architectures Provides learner with the ability to perform conceptual, intermediate, CCDP® (Design Professional)
(ARCH) Version 3.0 and detailed design of a network infrastructure that supports desired
capacity, performance, availability required for converged Enterprise (Available Now)
network services and applications.
Designing for Cisco Internetwork Solutions Instructor led training focused on fundamental design methodologies CCDA® (Design Associate)
(DESGN) Version 3.0 used to determine requirements for network performance, security,
voice, and wireless solutions. Prepares candidates for the CCDA (Available Now)
certification exam.

Wireless Cisco education offerings
• Designing Cisco Wireless Enterprise Professional level instructor led trainings to prepare candidates to CCNP® Wireless
Networks conduct site surveys, implement, configure and support APs and
• Deploying Cisco Wireless Enterprise controllers in converged Enterprise networks. Focused on 802.11 and
Networks related technologies to design, deploy, troubleshoot as well as secure
• Troubleshooting Cisco Wireless Enterprise Wireless infrastructure. Course also provide details around Cisco
Networks mobility services Engine, Prime Infrastructure and wireless security.
• Securing Cisco Wireless Enterprise Networks
Implementing Cisco Unified Wireless Network Prepares candidates to design, install, configure, monitor and conduct CCNA® Wireless
Essential basic troubleshooting tasks of a Cisco WLAN in Enterprise installations.
Understanding of the Cisco Unified Wireless Networking for enterprise
deployment scenarios. In this course, you will learn the basics of how to
Deploying Basic Cisco Wireless LANs (WDBWL) install, configure, operate, and maintain a wireless network, both as an 1.2
add-on to an existing wireless LAN (WLAN) and as a new Cisco Unified
Wireless Networking solution.
The WDAWL advanced course is designed with the goal of providing
learners with the knowledge and skills to successfully plan, install,
Deploying Advanced Cisco Wireless LANs configure, troubleshoot, monitor, and maintain advanced Cisco wireless
1.2
(WDAWL) LAN solutions such as QoS, “salt and pepper” mobility, high density
deployments, and outdoor mesh deployments in an enterprise customer
environment.
Deploying Cisco Connected Mobile Experiences WCMX will prepare professionals to use the Cisco Unified Wireless
Network to configure, administer, manage, troubleshoot, and optimize 2.0
(WCMX) utilization of mobile content while gaining meaningful client analytics.

Cybersecurity Cisco education offerings
Understanding Cisco Cybersecurity The SECFND course provides understanding of CCNA® Cyber Ops
Fundamentals (SFUND) cybersecurity’s basic principles, foundational knowledge,
and core skills needed to build a foundation for
understanding more advanced cybersecurity material &
skills.
Implementing Cisco Cybersecurity This course prepares candidates to begin a career within a CCNA® Cyber Ops
Operations (SECOPS) Security Operations Center (SOC), working with
Cybersecurity Analysts at the associate level.
Cisco Security Product Training Official deep-dive, hands-on product training on Cisco’s
Courses latest security products, including NGFW, ASA, NGIPS,
AMP, Identity Services Engine, Email and Web Security
Appliances, and much more.
For more details, please visit: www.cisco.com/go/securitytraining or http://learningnetwork.cisco.com

Cybersecurity Cisco education offerings
CCIE Security 5.0 CCIE® Security
Implementing Cisco Edge Network Configure Cisco perimeter edge security solutions utilizing Cisco CCNP® Security
Security Solutions (SENSS) Switches, Cisco Routers, and Cisco Adaptive Security Appliance
(ASA) Firewalls
Implementing Cisco Threat Control
Solutions (SITCS) v1.5 Implement Cisco’s Next Generation Firewall (NGFW), FirePOWER
NGIPS (Next Generation IPS), Cisco AMP (Advanced Malware
Protection), as well as Web Security, Email Security and Cloud
Implementing Cisco Secure Access Web Security
Solutions (SISAS)
Deploy Cisco’s Identity Services Engine and 802.1X secure
Implementing Cisco Secure Mobility network access
Solutions (SIMOS)
Protect data traversing a public or shared infrastructure such as
the Internet by implementing and maintaining Cisco VPN
solutions
Implementing Cisco Network Security Focuses on the design, implementation, and monitoring of a CCNA® Security
(IINS 3.0) comprehensive security policy, using Cisco IOS security features
For more details, please visit: www.cisco.com/go/securitytraining or http://learningnetwork.cisco.com
Data Center / Virtualization Cisco education
offerings
Introducing Cisco Data Center Networking (DCICN) Get job-ready foundational-level certification and CCNA® Data Center
Introducing Cisco Data Center Technologies (DCICT) skills in installing, configuring, and maintaining
next generation data centers.
Implementing Cisco Data Center Unified Computing (DCUCI) Obtain professional level skills to design, CCNP® Data Center
Implementing Cisco Data Center Infrastructure (DCII) configure, implement, troubleshoot next
Implementing Cisco Data Center Virtualization and Automation generation data center infrastructure.
(DCVAI)
Designing Cisco Data Center Infrastructure (DCID)
Troubleshooting Cisco Data Center Infrastructure (DCIT)
Product Training Portfolio:DCAC9K, DCINX9K, DCMDS, DCUCS, Gain hands-on skills using Cisco solutions to
DCNX1K, DCNX5K, DCNX7K, CACND, DSACI, HFLEX configure, deploy, manage and troubleshoot
UCSDF, UCSDACI, DCUCCEN unified computing, policy-driven and virtualized
data center infrastructure.
Designing the FlexPod® Solution (FPDESIGN) Learn how to design, implement and administer Cisco and NetApp Certified
Implementing and Administering the FlexPod ® Solution (FPIMPADM) FlexPod® solutions FlexPod® Specialist
Designing the VersaStack Solution (VSDESIGN) Learn how to design, implement and administer
Implementing and Administering the VersaStack Solution (VSIMP) VersaStack solutions

Network Programmability Cisco education offerings
Developing with Cisco Network Provides Application Developers with comprehensive curriculum to Cisco Network Programmability
Programmability (NPDEV) develop infrastructure programming skills; Developer (NPDEV) Specialist
Addresses needs of software engineers who automate network Certification
infrastructure and/or utilize APIs and toolkits to interface with SDN
controllers and individual devices
Designing and Implementing Cisco Network Provides network engineers with comprehensive soup-to-nuts Cisco Network Programmability
Programmability (NPDESI) curriculum to develop and validate automation and programming skills; Design and Implementation
Directly addresses the evolving role of network engineers towards more (NPDESI) Specialist Certification
programmability, automation and orchestration
Programming for Network Engineers (PRNE) Learn the fundamentals of Python programming – within the context of Recommended pre-requisite for
performing functions relevant to network engineers. Use Network NPDESI and NPDEV Specialist
Programming to simplify or automate tasks Certifications
Cisco Digital Network Architecture This training provides students with the guiding principles and core
Implementation Essentials (DNAIE) elements of Cisco’s Digital Network Architecture (DNA) architecture and
its solution components including; APIC-EM, NFV, Analytics, Security
and Fabric.

Cloud Cisco education offerings
Learn how to perform foundational tasks related to
Understanding Cloud Fundamentals (CLDFND)
Cloud computing, and the essentials of Cloud CCNA® Cloud
Introducing Cloud Administration (CLDADM)
infrastructure, administration and operations
Implementing and Troubleshooting the Cisco Cloud Infrastructure
(CLDINF) Obtain professional level skills to design,
Designing the Cisco Cloud (CLDDES) automate, secure, provision and manage private CCNP® Cloud
Automating the Cisco Enterprise Cloud (CLDAUT) and hybrid Clouds
Building the Cisco Cloud with Application Centric Infrastructure (CLDACI)
Product Training Portfolio:

CloudCenter: CLDCTR* Gain in-depth hands-on skills using Cisco
UCS Director: UCSDF, UCSDACI solutions to configure, deploy, manage and
Prime Service Catalog: PSCF, PSCI, PSCD troubleshoot Cloud deployments
MetaPod: MPODF20
*Available Q3FY18

Collaboration Cisco education offerings
CCIE Collaboration Advanced Workshop (CIEC) Gain expert-level skills to integrate, configure, and troubleshoot CCIE® Collaboration
complex collaboration networks
Implementing Cisco Collaboration Applications Understand how to implement the full suite of Cisco collaboration CCNP® Collaboration
(CAPPS) applications including Jabber, Cisco Unified IM and Presence, and Cisco
Unity Connection.
Implementing Cisco IP Telephony and Video Learn how to implement Cisco Unified Communications Manager, CCNP® Collaboration
Part 1 (CIPTV1) CUBE, and audio and videoconferences in a single-site voice and video
network.
Implementing Cisco IP Telephony and Video
Part 2 (CIPTV2) Obtain the skills to implement Cisco Unified Communications Manager
in a modern, multisite collaboration environment.
Troubleshooting Cisco IP Telephony and Video
(CTCOLLAB) Troubleshoot complex integrated voice and video infrastructures
Implementing Cisco Collaboration Devices Acquire a basic understanding of collaboration technologies like Cisco CCNA® Collaboration
(CICD) Call Manager and Cisco Unified Communications Manager.
Implementing Cisco Video Network Devices Learn how to evaluate requirements for video deployments, and
(CIVND) implement Cisco Collaboration endpoints in converged Cisco
infrastructures.

Service Provider Cisco education offerings
Deploying Cisco Service Provider Network Routing SPROUTE covers the implementation of routing protocols (OSPF, IS-IS, BGP), CCNP Service Provider ®
(SPROUTE) & Advanced (SPADVROUTE) route manipulations, and HA routing features; SPADVROUTE covers advanced
routing topics in BGP, multicast services including PIM-SM, and IPv6;
Implementing Cisco Service Provider Next-
Generation Core Network Services (SPCORE) SPCORE covers network services, including MPLS-LDP, MPLS traffic
engineering, QoS mechanisms, and transport technologies;
Edge Network Services (SPEDGE) SPEDGE covers network services, including MPLS Layer 3 VPNs, Layer 2 VPNs,
and Carrier Ethernet services; all within SP IP NGN environments.
Building Cisco Service Provider Next-Generation The two courses introduce networking technologies and solutions, including OSI CCNA Service Provider ®
Networks, Part 1&2 (SPNGN1), (SPNGN2) and TCP/IP models, IPv4/v6, switching, routing, transport types, security, network
management, and Cisco OS (IOS and IOS XR).
Implementing Cisco Service Provider Mobility UMTS The three courses (SPUMTS, SPCDMA, SPLTE) cover knowledge and skills Cisco Service Provider Mobility
Networks (SPUMTS); required to understand products, technologies, and architectures that are found CDMA to LTE Specialist;
Implementing Cisco Service Provider Mobility CDMA in Universal Mobile Telecommunications Systems (UMTS) and Code Division Cisco Service Provider Mobility
Networks (SPCDMA); Multiple Access (CDMA) packet core networks, plus their migration to Long- UMTS to LTE Specialist
Implementing Cisco Service Provider Mobility LTE Term Evolution (LTE) Evolved Packet Systems (EPS), including Evolved Packet
Networks (SPLTE) Core (EPC) and Radio Access Networks (RANs).
Implementing and Maintaining Cisco Technologies Service Provider/Enterprise engineers to implement, verification-test, and Cisco IOS XR Specialist
Using IOS XR (IMTXR) optimize core/edge technologies in a Cisco IOS XR environment.

Internet of Things (IoT) Cisco education offerings
Managing Industrial Networks for An associate level instructor led lab based training CCNA® Industrial
Manufacturing (IMINS2) focuses on common industrial application protocols,
security, wireless and troubleshooting designed to
prepare you for the CCNA Industrial certification
Managing Industrial Networks with This instructor led lab based training addresses Cisco Industrial
Cisco Networking Technologies (IMINS) foundational skills needed to manage and administer Networking Specialist
networked industrial control systems for today's
connected plants and enterprises. It helps prepare plant
administrators, control system engineers and traditional
network engineers for the Cisco Industrial Networking
Specialist certification.
Control Systems Fundamentals For IT and Network Engineers, provides an introduction to Pre-learning for IMINS,
for Industrial Networking (ICINS) industry IoT verticals, automation environment and an IMINS2 training &
overview of industrial control networks (E-Learning) certifications
Networking Fundamentals For Industrial Engineers and Control System Technicians, Pre-learning for IMINS,
for Industrial Control Systems (INICS) covers basic IP and networking concepts, and IMINS2 training &
introductory overview of Automation industry Protocols. certifications

Data and Analytics Cisco education offerings
Course Description
ANDMB – Data Management, Architecture and Applications Provides hands on training with a technical mix of application, compute, storage and
networking topics concerning the deployment of Big Data clusters.
ANDMA – Advanced Data Management, Architecture and Covers major architecture design to cater to different needs of the application, data center
Applications or deployment requirements. It provides architectural designs and advanced hands-on
training on topics covering Scaling of cluster to thousands of nodes and management, Data
Life Cycle management with HDFS tiered storage, and different approaches for Multi-tenant
Hadoop cluster deployments with Openstack
Data and Analytics training page: http://www.cisco.com/c/en/us/training-events/resources/learning-services/technology/data-analytics.html

Digital Business Transformation
Cisco education offerings
For Technology Sellers:
Adopting the Cisco Business Architecture Builds skills to discover and address technology needs using a Cisco Business Architecture
Approach business-focused, consultative sales approach, broadly applicable and Analyst
targeted to prepare for the digital transformation journey that is
demanded across the business world.
Applying Cisco Business Architecture Provides tools and skills training to prepare the learner to use a business Cisco Business Architecture
Techniques led approach to technology solutions sales and deployments. This Specialist
continues the journey begun with the Adopting the Cisco Business
Architecture Approach above
Mastering the Cisco Business Architecture Builds skills, and proven, real-world techniques to prepare for a Cisco Business Architecture
Discipline Business architect leadership role in the sales and deployment of Practitioner
transformative technology solutions.
Cisco Customer Success Manager Specialist Prepares for the crucial role that drives adoption and enablement, Cisco Certified Customer
ensuring that customers achieve their expected business outcomes, and Success Manager
reduces churn/increases renewal for services and subscription based
products.


MPLS22LG

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

MPLS22LG

Încărcat de

Drepturi de autor:

Formate disponibile

#CLUS

Khalil Jabr, DSE

This is about how the technology is being used

Webex Teams will be moderated cs.co/ciscolivebot#BRKMPL-2110

• One physical network supports many virtual networks

Virtual Virtual Virtual

Actual Physical Network Infrastructure

 Physically one device

 Logically many devices

 Multicast configuration is complex Cat 9k/3k/4500

 FHRP on distribution devices

Network- Easy to Flexible Scalable Address Incrementally Mobility

 L3 license at access Cat 9k

Network- Easy to Flexible Scalable Address Incrementally Mobility

3. Enable MPLS on all L3 MP-BGP

MPLS L3 VPN keeps all segments

end within virtually isolated network 802.1q 802.1q

paths regardless of geographical MPLS encapsulated

• Peerng with internal ASR for

E0/3 E1/0 E0/3

Secure Agile Exchange

• Side A and Side B Side A

• Circuits sized based on demand R R Side B

• Hop-by-Hop Encryption model

• Supports 1/10G, 40G, 100G encryption speeds 01101001000110001001001000

• Transparent to IPv4/v6, MPLS, multicast, routing

01001010001001001000101001001110101 011010010001100010010010001010010011101010 01101001010001001

w/Regional SD-WAN Ash

Nexus 7k/9k EMEA1

Locally Select Either Side A or Side B Internet Traffic (red plane)

Circuits between geos are limited by capacity and latency

• Agility and Scale O

• Calculate post-convergence SPT

• Centralized path computation TED

• Enables centralized control of path

*Path Computational Client (Router)

WAE Network Model

Remember: ITD is VRF-Aware

Give us your feedback to be entered

For more details, please visit: http://learningnetwork.cisco.com

For more details, please visit: http://learningnetwork.cisco.com

For more details, please visit: http://learningnetwork.cisco.com

For more details, please visit: www.cisco.com/go/securitytraining or http://learningnetwork.cisco.com

For more details, please visit: http://learningnetwork.cisco.com

For more details, please visit: http://learningnetwork.cisco.com

Product Training Portfolio:

For more details, please visit: http://learningnetwork.cisco.com

For more details, please visit: http://learningnetwork.cisco.com

For more details, please visit: http://learningnetwork.cisco.com

For more details, please visit: http://learningnetwork.cisco.com

Data and Analytics training page: http://www.cisco.com/c/en/us/training-events/resources/learning-services/technology/data-analytics.html

For more details, please visit: http://learningnetwork.cisco.com

S-ar putea să vă placă și