LV EN RU DE FR

Course code InfT3022

Credit points 3

CISCO Networking Academy III

Total Hours in Course81

Number of hours for lectures16

Number of hours for laboratory classes16

Independent study hours49

Date of course confirmation25.10.2022

Responsible UnitInstitute of Computer Systems and Data Science

Course developers

author Datoru sistēmu un datu zinātnes institūts

Ivars Mozga

Dr. sc. ing.

author lect.

Aldis Bērziņš

Mg. sc. ing.

Prior knowledge

DatZ1004, Introduction in Computer Studies

DatZ2016, Operating Systems I

DatZ2017, Operating Systems II

DatZ2055, Computer Hardware I

DatZ2056, Computer Hardware II

DatZ2024, Computer Networks I

InfT2036, CISCO Networking Academy I

InfT2037, CISCO Networking Academy II

Course abstract

The purpose of the study course is to introduce students with the design, provisioning, operation and troubleshooting of enterprise networks. This course covers wide area network (WAN) technologies and quality of service (QoS) mechanisms used for secure remote access. ENSA also implements software-defined networking, virtualization and automation concepts that support the digitization of networks. Students learn the skills to configure and manage enterprise networks, and learn to identify and protect against cyber security threats. They are introduced to network management tools and learn the key concepts of software-defined networking, including controller-based architectures and how application programming interfaces (APIs) enable network automation.
The Computer Networks (CISCO) III course is based on Cisco's CCNA: Enterprise Networks, Security and Automation course. It is the last of three courses leading to the Cisco Certified Network Associate (CCNA) certification.

Learning outcomes and their assessment

• students know how one-area OSPF works both in point-to-point and broadcast multi-access networks; how ACLs are used as part of a network security policy; how WAN access technologies can be used to meet business requirements; how VPNs and IPsec are used to provide site-to-site connectivity and remote access connectivity; how network devices implement QoS; how network automation is enabled using RESTful APIs and configuration management tools – theory test and practicals of the relevant topic
• students know how to implement single-area OSPFv2 in both point-to-point and broadcast multi-access networks; IPv4 ACLs to filter traffic and provide administrative access; NAT services on the edge router to provide IPv4 address scalability; network management protocols to monitor the network – practicals
• students are able to design company networks independently, explain the characteristics of scalable network architectures, troubleshoot company network problems, as well as explain the purpose and characteristics of network virtualization - theoretical test of the relevant topic, practical work, final test.

Course Content(Calendar)

1. Single-area OSPFv2 concept. Single-area OSPF operation in both point-to-point and broadcast multiaccess networks. OSPF basic functions and features. Types of OSPF packets in single-area OSPF usage. OSPF operation of one area – 2 h
2. Single-area OSPFv2 configuration. Implementation of single-area OSPFv2 in both point-to-point and broadcast multiaccess networks. Configuring an OSPFv2 router ID. Configuring single-area OSPFv2 in a point-to-point network. Configuring OSPF interface priority to influence DR/BDR selection in a multi-access network. Modifications to single-area OSPFv2 operation. OSPF configuration to propagate the default route. Implementation of one area OSPFv2 – 2 h
3. Network security concept. Network security improvements by mitigating vulnerabilities, threats and exploits. The current state of cyber security and the vector of data loss. Threat actors. Tools used by threat actors. Malicious types of software. Common network attacks. IP vulnerabilities exploited by threat actors. TCP and UDP vulnerabilities exploited by threat actors. IP services used by threat actors. Best practices for network protection. Common cryptographic processes used to protect data in transit - 2 h
4. ACL concept. Using ACLs as part of a network security policy. ACL in traffic filtering. ACL in wildcard mask usage. Creating an ACL. Standard and extended IPv4 ACL – 2 h
5. ACL IPv4 configuration. Implementation of IPv4 ACLs to filter traffic and provide administrative access. Standard configuration of IPv4 ACLs to filter traffic according to network requirements. Using sequence numbers to edit existing standard IPv4 ACLs. Standard ACL configuration to allow vty access. Configuration of extended IPv4 ACLs to filter traffic according to network requirements - 2 h
6. IPv4 NAT. Configuration of NAT services on the edge router to provide IPv4 address scalability. Purposes and functions of NAT. Operation of different types of NAT. Advantages and disadvantages of NAT. Static NAT configuration using CLI. Dynamic NAT configuration using the CLI. PAT configuration via CLI. NAT IPv6 – 2 h
7. WAN concept. Using WAN access technologies to meet business requirements. WAN target. WAN operation. Traditional WAN connection options. Modern WAN connectivity options. Internet WAN connection options – 2 h
8. VPN and IPsec concept. VPN and IPsec security for site and remote access connections. Advantages of VPN technology. Different types of VPNs. Using the IPsec system to secure network traffic – 2 h
9. QoS concept. QoS on network devices. Effect of network transmission characteristics on quality. Minimum network requirements for voice, video and data traffic. Queuing algorithms used by network devices. Different QoS models. Mechanisms used by QoS to ensure transmission quality – 2 h
10. Network Management. Implementation of protocols to manage the network. Using CDP to map network topology. Using LLDP to map network topology. NTP implementation between NTP client and NTP server. SNMP operation. Syslog operation. IOS configuration file backup and restore commands. IOS system upgrade – 2 h
11. Network design. Characteristics of scalable network architectures. Consolidation of data, voice and video in a switched network. Scalable Network Design Considerations. Switch hardware features for network requirements. Types of routers available for small and medium-sized business networks - 2 h
12. Network Troubleshooting. Developing and using network documentation to troubleshoot network problems. Troubleshooting techniques that use a systematic, multi-layered approach. Various network troubleshooting tools. Identifying the symptoms and causes of network problems using a layer model. Network troubleshooting using the layered model - 2 h
13. Network virtualization. Objectives and characteristics of network virtualization. Importance of cloud computing. The importance of virtualization. Virtualization of network devices and services. Software-defined networking. Controllers used in network programming – 2 h
14. Network Automation. Enabling network automation using RESTful APIs and configuration management tools. Automation. JSON, YAML and XML data formats. Using APIs to communicate between computers. The use of REST in computer-to-computer communication. Configuration management tools Puppet, Chef, Ansible and SaltStack. Cisco DNA Center – 2 h
15. Practical exam – 2 h
16. Final test – 2 h

Requirements for awarding credit points

To award credit points for Computer Networks (CISCO) Part III:
• it is necessary to complete all the theoretical tests provided at the end of each module;
• it is necessary to perform practical tasks, if such have been created in the relevant module;
• it is necessary to pass the final test.
The grade is formed as an accumulative grade, taking into account the theoretical tests, practical tasks and the final test.

Description of the organization and tasks of students’ independent work

The organization of independent work during the semester is independently studying literature, using academic staff member consultations.

Criteria for Evaluating Learning Outcomes

The mark of the course depends on the cumulative evaluation of the semester: 1. Assessment of theoretical tests (50%), 2. Final test (50%). The maximum number of % is 100%, which corresponds to mark 10 for the course.

Compulsory reading

Reģistrētajiem studentiem pieejamais oficiālais mācību materiāls Cisco Tīklu Akadēmijas vietnē: http://www.netacad.com.
Odom W. CCNA routing and switching ICND2 200-105: official cert guide: learn, prepare, and practice for exam success. Indianapolis, IN: Cisco Press, 2016. 876 p. ISBN 9781587205989.
Odom W. CCENT/CCNA ICND1 100-105: official cert guide: learn, prepare, and practice for exam success.Indianapolis, IN: Cisco Press, 2016. 965 p. ISBN 9781587205804.
Santos O., Stuppi J. CCNA Security 210-260: official cert guide: learn, prepare, and practice for exam success. Indianapolis, IN: Cisco Press, 2015. 570 p. ISBN 9781587205668.

Further reading

Dye M. A., McDonald R., Rufi A. W. Network fundamentals: CCNA exploration companion guide. Indianapolis, IN: Cisco Press, 2008. 528 p. ISBN 9781587132087.
Graziani R., Johnson A. Routing protocols and concepts: CCNA exploration companion guide. Indianapolis, Indiana: Cisco Press, 2008. 606 p. ISBN 9781587132063.
Lewis W.. LAN switching and wireless: CCNA exploration companion guide. Indianapolis, IN: Cisco Press, 2008. 497 p. ISBN 9781587132070.
Vachon B., Graziani R. Accessing the WAN: CCNA exploration companion guide . Indianapolis, Indiana: Cisco Press, 2008. 668 p. ISBN 9781587132056

Periodicals and other sources

http://www.netacad.com
http://www.networkworld.com/

Notes

Study course for students of the ITF academic study program "Computer Control and Computer Science".