| NMS-1001 |
Introduction
to Network Management |
| Tuesday 10:00 am - 12:00 pm;
Tuesday 4:00 pm - 6:00 pm |
This session
describes what it means to manage today's complex networks.
It discusses the role of network management within organizations,
along with the different components and processes involved.
By describing the various network management tools and technologies
available today, this session provides participants with a
solid foundation for effective network management.
This session is designed to be useful for all network administrators.
Associated Sessions:
NMS-1011 Principles of Fault Management
NMS-1021 Principles of Network Configuration
NMS-1031 Introduction to Collecting Traffic Accounting Information
NMS-1031 Introduction to Collecting Traffic Accounting Information
NMS-1041 Introduction to Performance Management
NMS-2051 Securely Managing Your Network
|
| NMS-1011 |
Principles
of Fault Management |
| Tuesday 1:30
pm - 3:30 pm; Wednesday 1:30 pm - 3:30 pm |
An effective
fault management process is essential to maintain network
service and high availability. This session teaches how to
improve network availability through the use of fault management
tools and techniques. It provides an overview of the fault
management process, as well as specifics on fault management
tools, including event- or fault-reporting capabilities in
Cisco devices and available fault management applications.
We will go in some detail about Simple Network Managment Protocol
(SNMP) and Syslog notifications, as well as additional capabilities
in Cisco devices, such as the Cisco Service Assurance Agent,
Remote Monitoring (RMON) alarms and events, and the Event
Management Information Base (MIB). In addition, the session
will provide a brief introduction to the Expression MIB. We
will also discuss applications that can be used to manage
fault-reporting capabilities and fault-management systems
such as Internet Performance Monitor, Cisco Info Center, Device
Fault Manager, and several third-party applications.
This session is designed to be useful for all network administrators. Attendees should be familiar with the basics of network management.
Associated Sessions:
NMS-1001 Introduction to Network Management, NMS-2001 Network Troubleshooting Tools and Techniques
|
| NMS-1031 |
Introduction to Collecting
Traffic Accounting Information |
| Tuesday 10:00
am - 12:00 pm; Wednesday 10:00 am - 12:00 pm |
This session
provides an overview of device accounting technologies. We
will describe and technically compare different accounting
methods, including Management Information Base (MIB); IP Accounting;
Remote Monitoring (RMON); NetFlow; BGP Policy Accounting;
authentication, authorization, and accounting (AAA); and Network-Based
Application Recognition (NBAR). Configuration examples, deployment
recommendations, and some troubleshooting will be discussed.
Attendees should be familiar with network management basics.
This session is designed to be particularly useful for enterprise and service provider experts engaged in designing and maintaining accounting and billing solutions and traffic analysis and baselining solutions.
Associated Sessions:
NMS-1001 Introduction to Network Management
NMS-4031 Advanced NetFlow Accounting
|
| NMS-1041 |
Introduction to Performance
Management |
| Tuesday 10:00
am - 12:00 pm; Tuesday 4:00 pm - 6:00 pm |
This session
will provide an introduction to network performance management,
starting with the relationship of performance, fault, and
accounting mangement. We will explain the operations of the
protocols used in this area. The basic statistics that are
required to do performance mangement are covered next. Then
we will discuss data collection and the types of data to collect.
Next we will discuss data processing and analysis--what to
do with this data (words about this). Last, we will briefly
cover the applications available from Cisco and our partners
that do performance management.
This session is most useful for those who have attended NMS- 1001 and are interested in measuring and improving the performance of their networks.
Associated Sessions:
NMS-1001 Introduction to Network Management
|
| NMS-1101 |
Understanding DNS
& DHCP |
| Tuesday 4:00
pm - 6:00 pm; Wednesday 10:00 am - 12:00 pm |
This session
describes the management of IP addresses, host and domain
names. It builds from fundamental concepts of hierarchical
and dynamic organization of addresses and names through the
implementation of reliable and secure name resolution and
host configuration services. This session specifically explains
the design and operation of Dynamic Host Configuration Protocol
(DHCP) and the Domain Name System (DNS). It also includes
recent standards developments in the IETF.
This session is useful for all network administrators.
Associated Sessions:
NMS-2301 Deploying and Troubleshooting Content Switching
|
| NMS-1201 |
Improving Network
Availability |
| Wednesday
10:00 am - 12:00 pm; Wednesday 4:00 pm - 6:00 pm |
Network availability
is an increasing concern across many types of network infrastructures,
and a significant business problem is presented when network
failures occur. Instead of waiting for the failure, many organizations
are looking at availability more proactively. This session
looks specifically at the components of availability, network
failure types, and proven methodologies for improving network
availability. By fully understanding these areas, participants
should be better armed to take availability to the next level
within their organizations. This session covers hardware,
software, power and environment, links and carriers, configuration
and changes, and resource usage type failures. Common failure
types, failure domains, and availability perceptions across
the industry will be discussed, as well as some proven methodologies
to increase availability and to align availability with business
objectives.
This session is useful for all network administrators.
Associated Sessions:
NMS-2001 Network Troubleshooting Tools and Techniques
NMS-2201 Deploying Highly Available Enterprise Networks
|
| NMS-1301 |
Introduction to Content
Switching |
| Tuesday 1:30
pm - 3:30 pm; Wednesday 4:00 pm - 6:00 pm |
This session
introduces and discusses the underlying technologies and the
principles of Content Switching, including local load balancing,
SSL integration and offload, geographic load balancing and
disaster recovery.
A discussion of relevant protocols, such as DNS, TCP, UDP, HTTP 1.0 and 1.1, SSL and TLS, will serve as a foundation for the session. Fundamental concepts of Content Switching and SSL offload will then be presented: load balancing based on Layer 3 and Layer 4 information, delayed binding and parsing of HTTP requests, server health monitoring mechanisms, session persistence issues and solutions, redundancy options, SSL termination and load balancing.
With the goal of providing the attendees with the knowledge to evaluate Content Switching products and solutions that meet their current and future needs, the session also covers the basic and advanced features offered by today's content switches and SSL devices as well as details on load balancing and SSL performance metrics.
The session concludes with an overview of typical Content Switching deployments.
This session is intended for Network Engineers who need to understand, evaluate and deploy content switching solutions, to create highly available, scaleable web and data center infrastructures.
Associated Sessions:
NMS-1302 Introduction to Content Delivery Protocols and Technologies
NMS-2301 Deploying and Troubleshooting Content Switching
NMS-2302 Deploying Web and Video Edge Delivery
NMS-2303 Deploying Web and Video Proxy Caching
|
| NMS-1302 |
Introduction to Content
Delivery Protocols and Technologies |
| Tuesday 10:00
am - 12:00 pm; Wednesday 10:00 am - 12:00 pm |
This session
introduces the fundamental technologies used to create distribute,
request, and deliver multimedia content. The individual nature
of the content has an impact on how it should be distributed
in the network. This session discusses in detail several protocols
used in multimedia streaming applications, the impact of multimedia
on the network, and how the different network elements will
support the scalability of multimedia applications. It gives
some examples on how content networks are built and how the
different protocols and technologies are applied to create
powerful solutions.
This session is designed to be particularly useful for network engineers interested in HTTP, content delivery, caching, multimedia, or video streaming applications.
Associated Sessions:
NMS-2302 Deploying Web and Video Edge Delivery (Level 2)
NMS-2303 Deploying Web and Video Proxy Caching (Level 2)
PWR-5012 Video and Web Edge Delivery Power Session (Level 2)
|
| RST-1001 |
Introduction to Link
State Protocols |
| Tuesday 10:00
am - 12:00 pm; Wednesday 10:00 am - 12:00 pm |
This session
Provides an overview of link state interior gateway routing
protocols, including OSPF and IS-IS. This session covers the
fundamental concepts and theory of links state routing, including
the flooding of information and synchronization of databases
between devices, the operation of the Dijkstra Shortest Path
First algorithm, and partial (leaf only) Shorest Path First
calculations. Some discussion is included on the lcaling of
link state routing protocols.
The target audience for this session is network engineers who are new to link state routing protocols, or would like to understand more about the fundamentals of these protocols.
Associated Sessions:
Associated sessions include RST-2002, Fundamental Deployment and Analysis of Link State Protocols, and RST-3002, Complex Deployment and Analysis of Link State Protocols.
|
| RST-1051 |
Introduction to IP
Multicast |
| Tuesday 10:00
am - 12:00 pm; Wednesday 1:30 pm - 3:30 pm |
This session
provides the attendee with an overview of the fundamentals
of IP multicast. It covers basic IP multicast concepts of
several essential components such as link layer addressing,
host-router signaling (IGMP v1-v3), distribution trees and
Reverse Path Forwarding. The session then gives the attendee
an overview of Sparse Mode Protocol Independent Multicast
(PIM-SM). This PIM-SM overview provides a brief, high-level
look at the various PIM-SM modes of operation including basic
Sparse Mode, Bidir and Source Specific Multicast. In addition,
the concepts of several Interdomain multicast protocols such
as MBGP, MSDP and Multicast VPNs are briefly introduced.
This session is applicable for network engineers involved in either service-provider or enterprise network environments and who have no previous background in IP Multicast.
Associated Sessions:
RST-2051 ''Deploying IP Multicast''
RST-4051 ''Advanced IP Multicast''
|
| RST-1061 |
Introduction to MPLS |
| Tuesday 10:00
am - 12:00 pm; Wednesday 10:00 am - 12:00 pm |
This session
introduces Multiprotocol Label Switching (MPLS) and its various
major applications including Traffic Engineering (TE), Virtual
Private Networks (VPNs), Quality of Service (QoS) and MPLS
Transport and Virtual Leased Lines. This introduction will
also include a discussion about the motivations behind MPLS
and various application examples. Further discussion will
include sub-topics such as basic label forwarding, RSVP and
LDP, LSP Set-Up, and Fast Re-Route (FRR) protection.
This session is designed to be particularly useful for attendees working in the following areas: networking technologists, managers, and executives planning to deply or support MPLS deployments.
Associated Sessions:
Other MPLS sessions associated with this session include : -
RST-2061 - Deploying MPLS VPNs
RST-2062 - Deploying MPLS Traffic Engineering
RST-3061 - Troubleshooting MPLS VPNs
|
| SEC-1000 |
Introduction to Network
Security |
| Tuesday 10:00
am - 12:00 pm; Wednesday 4:00 pm - 6:00 pm |
The Internet
is a "good news, bad news" proposition. The good news is that
it is a public network, where almost everybody in the world
has access. However, the bad news is also that it is a public
network, and as a result, is not secure. Security must not
be treated as a separate issue from our networks. Security
is not a device; it is a process. This introductory session
provides foundation knowledge in network security principles
and introduces attendees to security technologies that can
be integrated into the network.
This session is designed to be particularly useful for all attendees interested in network security fundamentals. It will help prepare participants for subsequent sessions focused on security.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2000 Design Principles for Secure Network Edges,
SEC-2001 Design Principles for Secure Enterprise Campuses,
SEC-2004 Responding to Security Incidents
|
| NMS-2001 |
Network Troubleshooting
Tools and Techniques |
| Tuesday 1:30
pm - 3:30 pm; Thursday 10:00 am - 12:00 pm |
This session
covers general network troubleshooting tools and techniques,
focusing on classifying network problems in order to determine
what tools to use to troubleshoot them. We will look at some
general tools of the trade like ping, traceroute, sniffers,
and Remote Monitoring (RMON), as well as Cisco tools such
as Service Assurance Agent and CLI commands. Attendees should
have a good understanding of network management practices,
and the importance of constructing network baselines to aid
in identifying network problems.
This session is designed to be useful for all network administrators.
Associated Sessions:
NMS-1001 Introduction to Network Management
NMS-4041 Advanced Performance Management with Cisco Service Assurance Agent
Specific protocol or technology session (Troubleshooting WANs, Troubleshooting BGP, etc.)
|
| NMS-2021 |
Configuration of Large
Scale Networks with CiscoWorks |
| Wednesday
4:00 pm - 6:00 pm; Thursday 4:00 pm - 6:00 pm |
This session
focuses on tools and techniques to effectively scale CiscoWorks
up to its maximum device capacity, and the deployment models
needed to manage larger networks. We will look at server requirements,
redundancy scenarios, tools such as the Data Export Engine,
Remote Syslog Analyzer Collect, and Device List Management
Services, as well as real-world, large-scale deployments.
Attendees should have an understanding of CiscoWorks, and
can expect to receive tips on what they can do to further
enhance its operation in their network.
This session is designed to be useful for all network administrators.
Associated Sessions:
NMS-1001 Introduction to Network Management
NMS-1201 Improving Network Availability
NMS-2201 Deploying Highly Available Enterprise Networks
NMS-4021 Advanced Configuration Methods
NMS-4041 Advanced Performance Management with Cisco Service Assurance Agent
|
| NMS-2041 |
Performance Measurement
with Cisco IOS |
| Wednesday
10:00 am - 12:00 pm; Wednesday 4:00 pm - 6:00 pm |
Starting with
an introduction on SLA concepts, this session focused on Cisco
IOS Software features, including Service Assurance Agent (SAA),
Application Response Time (ART), Remote Monitoring (RMON),
and other MIBs. Understanding these different means will allow
you to measure availability, usage, and performance on your
network through the command line interface (CLI) and/or Simple
Network Management Protocol (SNMP).Attendees should be familiar
with the Cisco IOS Software CLI and have a basic understanding
of network management concepts.
This session is most useful for those who have attended NSC- 1041 ''Introduction to Performance Management'' and are familiar with IOS.
Associated Sessions:
NMS-1041 Introduction to Performance Management
NMS-4041 Advanced Performance Management with Cisco Service Assurance Agent
|
| NMS-2051 |
Securely Managing
Your Network |
| Tuesday 10:00
am - 12:00 pm; Tuesday 4:00 pm - 6:00 pm |
This technical
session explains the concepts, issues, and current capabilities
in merging security and network management. The issues that
sometimes put these necessary functions at odds will be discussed,
and you will learn about techniques for in-band and out-of-band
management, Simple Network Management Protocol (SNMP)v3, and
other secure protocols for managing Cisco networks. We will
share examples of securely managing your network and how the
Cisco SAFE architecture might be integrated with network management
in mind.
This session is usefule for all network administrators.
Associated Sessions:
NMS-1001 Introduction to Network Management
NMS-4021 Advanced Configuration Methods
SEC-2006 Managing Security Technologies
|
| NMS-2102 |
Deploying and Troubleshooting
NAT |
| Wednesday
4:00 pm - 6:00 pm; Thursday 1:30 pm - 3:30 pm |
This session
discusses the configuration and deployment of Cisco IOS Software-based
Network Address Translation (NAT) in an enterprise environment.
Discussion will vary from why someone might want to implement
NAT to the configuration and troubleshooting of a network
that is using NAT technology. This year's focus will be on
virtual private network (VPN), voice, and new enhancement
to Cisco IOS Software-based NAT functions.
This session is designed to be particularly useful for network engineers who support the network infrastructure and are considering or currently maintaining a network that uses Cisco IOS Software-based address translation.
Associated Sessions:
NMN-2201 Deploying Highly Available Enterprise Networks
PRD-8056 Deploying a Remote Access VPN using Cisco IOS Today andTomorrow
SEC-3010 Troubleshooting Cisco IOS and Cisco Secure PIX Firewall-BasedIPSec VPNs
SEC-3011 Troubleshooting Cisco VPN 3000 Series Concentrator IPSec VPNs
SEC-3020 Troubleshooting Firewalls
|
| NMS-2201 |
Deploying Highly Available
Enterprise Networks |
| Thursday
10:00 am - 12:00 pm; Thursday 4:00 pm - 6:00 pm |
This session
examines how deployment of a modular network architecture
at the enterprise edge and core can increase the availability
of the network as a whole. It will focus on traditional design
decisions and the use of redundancy to achieve greater resiliency.
We'll also discuss how networks can permit application survival
even in the event of a disaster at primary or distributed
data centers. Recently available technologies such as high-speed
transport (Synchronous Optical Network [SONET], coarse-wavelength
division multiplexing [CWDM], dense-wavelength division multiplexing
[DWDM]), 802.1S, 802.1W, Gateway Load Balancing Protocol,
Non-Stop Forwarding and Stateful Switchover, and Stateful
Network Address Translation (NAT) will be examined.
This session is useful for those who have attended NSC-1201 Improving Network Availability.
Associated Sessions:
NMS-1201 Improving Network Availability
|
| NMS-2301 |
Deploying and Troubleshooting
Content Switching |
| Wednesday
1:30 pm - 3:30 pm; Thursday 1:30 pm - 3:30 pm |
This session
discusses content switching technology in the data center
and begins with a general discussion of the challenges faced
by IT managers in providing a highly resilient, highly available
content switched network. The session goes into the details
of related supporting technologies and the challenges that
those technologies bring to content switching in the data
center. A detailed discussion is provided on content-switching
design guidelines, best practices, deployment scenarios, and
recommended troubleshooting methods. Numerous content switching
terms and fundamentals are detailed such as such as load-balancing
algorithms, performance metrics, server health and server
tracking mechanisms, delayed binding, persistence, and HTTP
header parsing.Discussions will include common interoperability
scenarios, multiple high-availability environments such as
state preservation, as well as web security through the use
of firewall and Secure Sockets Layer (SSL) technologies. Topics
also include scalability considerations when using various
content switching technologies, and the design considerations
of their applications into data center designs. This session
highlights recommended content switching troubleshooting practices
and procedures applied to currently available technologies
focusing on both interoperability and server farm health issues.
This session is designed to be particularly useful for network engineers that are in charge of the deployment or troubleshooting of content switching technologies.
Associated Sessions:
NMS-1301 Introduction to Content Switching Technologies (Level 2)
|
| NMS-2302 |
Deploying Web and
Video Edge Delivery |
| Tuesday 1:30
pm - 3:30 pm; Thursday 10:00 am - 12:00 pm |
Imagine all
your branch offices were connected to the data center with
100Mbps connection. That's essentially the thrust behind edge
delivery.Customers that have been hesitant to deploy rich
media e-learningapplications and software distribution are
no longer constrained byexpensive limited WAN resources. They're
also not constrained by theadministrative overhead of deploying
a general purpose server for video or adedicated storage device.
This session will focus on deploying e-learningregardless
of WAN bandwidth, multicast, and QoS. We'll understand what'sinvolved
in safely, efficiently, and securely acquiring and distributinge-learning
content using the Content Distribution Manager (CDM). Finally,we'll
learn about request routing methods so that client requests
areintelligently routed to the best available Content Engine
to service therequest.
This session addresses the challenges of Web and video edge delivery of rich digital media for e-learning, marketing, and kiosk services. It is designed to be particularly useful for network, Web, and video engineers deploying and supporting edge delivery.
Associated Sessions:
NMS-1302 Introduction to Content Delivery Protocols and Technologies (Level 1)
NMS-2303 Deploying Web and Video Caching (Level 2)
NSC-2303 Deploying Web and Video Proxy Caching (Level 2)
|
| NMS-2303 |
Developing Web and
Video Proxy Caching |
| Wednesday
1:30 pm - 3:30 pm; Thursday 4:00 pm - 6:00 pm |
Every Web
object requested by your employees will cross your WAN or
Internet link as many times as there are employees. Web browsers
have integrated caches to minimize the client response time
and reduce intranet/Internet bandwidth consumption, but if
you have 100 people in a branch office, the browser cache
does nothing to help your neighbor. As a result, popular objects
traverse the WAN once per client (100 times). If that happens
to be a 1-MB Java Archive (JAR) file, the network has to deliver
100 MB. Similar results apply to Internet-requested objects.
This session focuses on accelerating the performance of Web-enabled
enterprise applications like Siebel, SAP, and Oracle. It also
details how to use content engines to cache and split Internet-sourced
multimedia. Common Internet proxy deployment models, tiered
Web and video caching deployments, securing the enterprise
with worm blocking, and video Web casting will be discussed.
This session addresses the challenges of Web and video caching. It is designed to be particularly useful for network, Web, and video engineers deploying and supporting this technology.
Associated Sessions:
NMS-1302 Intro to Content Delivery Protocols and Technologies (Level 1)
NMS-2302 Deploying Web and Video Edge Delivery (Level 2)
|
| RST-2001 |
Fundamental Deployment
and Analysis of EIGRP |
| Tuesday 4:00
pm - 6:00 pm; Wednesday 4:00 pm - 6:00 pm |
An introduction
to Cisco's advanced distance vector routing protocol, EIGRP.
This session covers neighbor formation and troubleshooting,
metric calculation, the Diffusing Update Algorithm (DUAL)
for determing loop free paths and querying neighbors, and
troubleshooting sutck in actives. This session will provide
the administrator of an EIGRP network the fundamental knowledge
and tools to manage and troubleshoot their network.
The target audience for this session includes network engineers who currently manage EIGRP networks, and network engineers who are currently considering deploying EIGRP in their networks, and would like to know more about the protocol.
Associated Sessions:
Related sessions include RST-3001, Complex Deployment and Analysis of EIGRP.
|
| RST-2002 |
Fundamental Deployment
and Analysis of Link State Protocols |
| Tuesday 1:30
pm - 3:30 pm; Wednesday 1:30 pm - 3:30 pm |
This session
provides a basic look at the deployment and troubleshooting
of link state protocols, including OSPF and IS-IS (with the
focus on OSPF). This session will cover such topics as neighbor
adjacency formation and troubleshooting; database synchronization,
flooding, and troubleshooting; dividing link state flooding
domains; stubs, summaries, and other techniques for hiding
information in a link state network.
The target audience for this session includes network engineers who are currently managing a network running a link state routing protocol, and who would like to learn more about techniques for scaling and troubleshooting that network, and network engineer.
Associated Sessions:
Related sessions include RST-1001, Introduction to Link State Protocols, and RST-3002, Complex Deployment and Analysis of Link State Protocols.
|
| RST-2003 |
Fundamental Deployment
and Analysis of BGP |
| Wednesday
10:00 am - 12:00 pm; Thursday 10:00 am - 12:00 pm |
This session offers an introduction to the basics of the Border Gateway Protocol. The session includes such topics as building and troubleshooting peering relationships, common deployment considerations such as controlling traffic flow through policy, peering arrangements, and policies, and route reflectors.
The target audience is network engineers who have deployed or are considering deploying the BGP protocol in their networks, either in a peering arrangement with other (external) routing domains (such as the Internet), or as a way to scale the core of a large scale network.
Associated Sessions:
Related sessions include RST-3003, Complex Deployment and Analysis of BGP, and RST-4005, Advanced Routing Protocols Security.
|
| RST-2004 |
Deploying Routing
Protocol Resiliency with Graceful Restart |
| Wednesday
10:00 am - 12:00 pm; Thursday 1:30 pm - 3:30 pm |
Network engineers
and architects continue their quest to increase network availability
in the face of congestion, security breach or changes in network.
Device level availability prompts use of redundant Route Processors.
Redundant route processors can increase network availability
and provide Non-Stop forwarding characteristics when augmented
with graceful restart mechanisms.
This session will discuss increasing resiliency in IP networks using graceful restart (Non-Stop Forwarding) extensions in routing protocols. This session will provide functional details of restart mechanisms in OSPF, BGP, EIGRP and ISIS. Complementary resiliency aspects like Non-Stop Forwarding (NSF) and Stateful Switchover (SSO) will also be covered. Deployment consideration will be discussed.
This session is suitable for Enterprise and Service Providers who have OSPF, ISIS, EIGRP and BGP in their networks.
Associated Sessions:
RST-2001, RST-2002, RST-2003, RST-3001, RST-3002, RST-3003, RST-2111 and RST-2112
|
| RST-2051 |
Deploying IP Multicast |
| Tuesday 1:30
pm - 3:30 pm; Wednesday 4:00 pm - 6:00 pm |
This presentation
and will cover numerous aspects of configuring and deploying
a IP multicast solution in both Enterprise and Service Provider
networks. Example configurations will begin with basic multicast
deployments and progress to the deployment of larger, mission
critical multicast networks. Topics covered will include details
on various multicast router configuration commands along with
the use of Auto-RP, BSR and Anycast-RP's techniques in PIM-SM
networks. Finally, the fundamentals of two new emerging multicast
technologies, Bidir PIM and Source Specific Multicast, will
be introduced along with how these new technologies provide
better scalability of IP Multicast.
This session is primarily intended for network professionals responsible for Enterprise networks. However, this presentation also contains some material applicable to network professionals responsible for deploying Service Provider IP Multicast services.
Associated Sessions:
RST-1051 ''Introduction to IP Multicast''
RST-4051 ''Advanced IP Multicast''
|
| RST-2061 |
Deploying MPLS VPNs |
| Tuesday 4:00
pm - 6:00 pm; Wednesday 4:00 pm - 6:00 pm |
This session covers deployment of MPLS and MPLS VPNs. Includes step by step walk through of what needs to be covered to successfully deploy MPLS VPNs with a sample case study. Requirements: Attendees should have basic knowledge of MPLS, Routing Protocols, and MPLS VPN technology as MPLS VPN fundamentals will be covered very briefly. Nature of the session: This is a very technical session. This is for Internet Service Providers, interested in deploying or have deployed MPLS VPNs.
This session is designed to be particularly useful for attendees working in the following areas: networking technologists, managers, and executives planning to deply or support MPLS deployments.
Associated Sessions:
Other MPLS sessions associated with this session include : -
RST-1061 - Introduction to MPLS
RST-2062 - Deploying MPLS Traffic Engineering
RST-3061 - Troubleshooting MPLS VPNs
|
| RST-2062 |
Deploying MPLS Traffic
Engineering |
| Tuesday 1:30
pm - 3:30 pm; Wednesday 1:30 pm - 3:30 pm |
Multiprotocol
Label Switching (MPLS) traffic engineering is primarily concerned
with making optimal use of network bandwidth. It enables network
managers to better utilize their networks, and helps them
avoid paying for more capacity than they need. Participants
in this session will learn the theory behind MPLS traffic
engineering, as well as more advanced techniques for turning
MPLS traffic engineering into a revenue-generating service
and combining MPLS traffic engineering with MPLS VPN. Participants
will gain an understanding of how to configure and monitor
basic MPLS traffic engineering, as well as sources for more
information. Although MPLS, and more specifically, traffic
engineering, were originally service provider technologies,
large enterprises are beginning to adopt them as ways to reduce
WAN circuit costs.
This session is suitable for service providers and enterprise participants.
Associated Sessions:
Other MPLS sessions associated with this session include : -
RST-1061 - Introduction to MPLS
RST-2061 - Deploying MPLS VPNs
RST-3061 - Troubleshooting MPLS VPNs
|
| RST-2071 |
Network Centric Military
Operations |
| Thursday
4:00 pm - 6:00 pm |
As the mainframe
evolves to an IP server and the FEP becomes obsolete, the
opportunity to enhance the networking infrastructure supporting
the mainframe-based applications is now. This session presents
the IP networking and services design recommendations for
providing high availability and disaster recovery support
for both IP and traditional mainframe applications. This presentation
goes into depth on the support for mainframe based applications
built on IP, SNA, BISYNC, and industry specific protocols
like ALPS and Point of Sales when deploying a mainframe-based
IP server.
Designs providing high speed connectivity, load balancing, and high availability for the IP based mainframe are reviewed. Replacement solutions for the IBM Front This 2 hour session will focus on the importance and criticality of Network Centric Military Operations. The first hour is dedicated to the presentation of the importance for the use of standardized protocols and COTS technology to expedite time to deployment. Today's military must be capable of obtaining and utilizing information when and where needed to ensure agility and accurate mission information. The second hour will be dedicated to presenting sample operational deployments in ground, air, sea and space that are currently deployed in the field today.
This session is intended for military personnel who have the responsibility for network and/or mission planning that require a communications network. A basic knowledge of IP networking, mobility, security and Security is suggested. This is a functionality and case study session.
Associated Sessions:
This session is in conjunction with Sessions covering IPv6, Routing & Switching, QoS, Wireless and IP Mobility.
|
| RST-2081 |
Deploying Quality
of Service for Converged Networks |
| Tuesday 10:00
am - 12:00 pm; Wednesday 4:00 pm - 6:00 pm |
This presentation
discusses the various aspects involved in designing and implementing
QoS in Enterprise networks. We will talk about how QoS tools
can optimize the network to meet various application requirements,
identify & protect critical data applications like video over
low and high speed links, VoIP quality etc., and enable multiple
classes of service on the network.
This is your opportunity to understand in technical detail the latest QoS features in Cisco IOS software to solve various problems on the Enterprise network - features that both aid in solving new problems, as well as help simplify QoS. You will walk away with a good understanding of how to use these new features, learn how to effectively deploy QoS and how to monitor and report on QoS (a very key issue).
We will also discuss in detail the technical aspects of Cisco AutoQoS framework that drastically simplifies IP QoS, and reduces the cost & time for large scale QoS deployments in Enterprise networks.
The attendees are assumed to have a basic understanding of the various QoS mechanisms available to IP, MPLS, Frame Relay, Ethernet and ATM. The presentation content should be ranked as intermediate to advanced.This session is designed for both Service providers and enterprises looking to provide an infrastructure to support defferentiated services and mission critical applications.
Associated Sessions:
This session is a foundation for all sessions covering both network infrastructure (Routing & Switching Sessions) and applications (Voice, Video, Wireless etc).
|
| RST-2091 |
Deploying IPv6 Networks |
| Tuesday 10:00
am - 12:00 pm; Thursday 1:30 pm - 3:30 pm |
This session
will lay the foundation for IPv6 deployments by quickly reviewing
the state of the protocol, recent market activities, and highlighting
a few technology differences from IPv4. The bulk of the session
will describe some of the common network environments and
their requirements for a deployment of IPv6, as well as details
about the transition tools appropriate for use in each of
those environments.
The target audience for this session includes network managers, architects, and engineers that are considering deployment of IPv6 in the next few years.
Associated Sessions:
This session is related to all other session in the Routing & Switching section.
|
| RST-2101 |
IBM SNA Migration
Developments |
| Tuesday 4:00
pm - 6:00 pm |
As the mainframe
evolves to an IP server and the FEP becomes obsolete, the
opportunity to enhance the networking infrastructure supporting
the mainframe-based applications is now. This session presents
the IP networking and services design recommendations for
providing high availability and disaster recovery support
for both IP and traditional mainframe applications. This presentation
goes into depth on the support for mainframe based applications
built on IP, SNA, BISYNC, and industry specific protocols
like ALPS and Point of Sales when deploying a mainframe-based
IP server.
Designs providing high speed connectivity, load balancing, and high availability for the IP based mainframe are reviewed. Replacement solutions for the IBM Front End Processor are overlaid on the IP mainframe including support for SNA over IP routing via Branch Extender/ Enterprise Extender (SNA Switch), SNI routing provided by Extended Border Node/Enterprise Extender architecture, and the serial conversion technologies. The session will wrap up with disaster recovery designs for Global Dispersed Parallel Sysplex environments. Each of these technologies will be addressed through Cisco best-practice recommendations for incorporating into the network.
The target audience for this presentation is data center focused networking professionals with mainframe based IP servers, SNA, BISYNC, and other serial based end devices supported by mainframe applications, as well as network designers focused on decommissioning the FEP.
Associated Sessions:
Other sessions associated with this session are: Deploying SNA Switch for FEP Replacement, Data Center Infrastructure Design, Deploying N-tier Applications in the Data Center, Securing Enterprise Data Centers, and Designing for Disaster Recovery: Business Application Resilience
|
| RST-2111 |
IOS Support features
for Routing Protocols |
| Tuesday 1:30
pm - 3:30 pm; Thursday 1:30 pm - 3:30 pm |
This session
will describe the architecture of IOS based routers. We will
go in to depth, looking at the different architecture models
available and how they are best suited in various networking
scenarios. The session looks to define the performance and
operational characteristics of these platforms. As well as
looking at physical construction, the session will deal with
operating system implementations and how typical features
function with IOS routers.
This session is applicable for any engineers involved with the specification or deployment of routers in all networking scenarios.
Associated Sessions:
This session Complements RST-2112 (Part 2 of tHIs session) and all other platform architecture sessions as well as the other sessions in the Routing and Switching Section.
|
| RST-2112 |
Advanced Router Design
and Operation |
| Tuesday 4:00
pm - 6:00 pm; Thursday 4:00 pm - 6:00 pm |
This session
will take the lid off the operation of high end routers and
switches. Fousing on the switching mechanisms available, the
methods of organizing and utilizing system resources, and
optimization of the performance of these devices. The session
will also look at scaliability issues in both system design
and interaction with routing protocols and other features.
Included in this session will be the analysis of various QoS
and Security feature implenetations and how these are implented
with various router and switch arechitecture.
This session is designed for engineers involved in the specification, deployment and implemeetation of high performce routers and switches.
Associated Sessions:
This session Complements RST-2111 (Part 1 of tHIs session) and all other platform architecture sessions as well as the other
|
| SEC-2000 |
Network Edge Attack
and Defend |
| Tuesday 1:30
pm - 3:30 pm; Thursday 10:00 am - 12:00 pm |
The network
edge that connects your company to the untrusted world is
the single most important area on which to focus network security
design. The edge is where public Internet access occurs, e-commerce
is conducted, and business linkages through intranets, extranets,
and remote-access connections are enabled. This session reviews
design and configuration considerations to employ at the edge
of your network and spans access control, intrusion detection,
anomaly detection, antivirus, authentication, and management
system technologies. A lively story that chronicles a hacker's
conflict with an overworked IT staff for a large company is
interwoven throughout the session to keep the discussion both
interesting and real-world. Participants will learn how small
issues in a network can lead to large security compromises
and will learn the value of defense-in-depth strategies. This
is the second of two sessions on learning security design
best practices the hard way; the other session is entitled
"Network Campus Attack and Defend."
This session is designed to be particularly useful for network engineers who design and implement security in enterprise environments.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2001 Design Principles for Secure Enterprise Campuses
|
| SEC-2001 |
Network Campus Attack
and Defend |
| Tuesday 4:00
pm - 6:00 pm; Thursday 1:30 pm - 3:30 pm |
As the classic
network edge continues to blur and network attack tools become
more sophisticated, protecting the campus network is increasingly
critical to a company's success. Important information assets
reside within the company campus, and application availability
is critical to ongoing business. This session reviews design
and configuration considerations to employ within the campus
of your network. It spans access control, intrusion detection,
anomaly detection, antivirus, authentication, and management
system technologies. A lively story that chronicles an insider
hacker's conflict with an overworked IT staff for a large
company is interwoven throughout the session to keep the discussion
both interesting and applicable to the real world. Participants
will learn how small issues in a network can lead to large
security compromises and will learn the value of defense-in-depth
strategies. This is the first of two sessions on learning
security design best practices the hard way; the other session
is entitled "Network Edge Attack and Defend."
This session is designed to be particularly useful for network engineers who design and implement security in enterprise environments.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2000 Design Principles for Secure Network Edges
|
| SEC-2004 |
Responding to Security
Incidents |
| Tuesday 1:30
pm - 3:30 pm; Wednesday 1:30 pm - 3:30 pm |
No matter
how good your security is, your company will still experience
security incidents. How quickly and effectively you verify
and respond to these events will determine the impact to your
organization. This session reviews the signs and symptoms
of security incidents, and then discusses how to prepare for
and respond to these incidents when they occur. It will cover
the technical features in Cisco products that can be used
to help you address security incidents, as well as the processes
you must have in place to effectively manage incidents and
minimize their impact when they occur.
This session is designed to be particularly useful for network and security administrators.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2000 Design Principles for Secure Network Edges,
SEC-2001 Design Principles for Secure Enterprise Campuses,
SEC-2002 Understanding and Preventing Layer 2 Attacks,
SEC-2007 Internet Service Provider Security Best Practices,
SEC-2008 Service Provider Responses to Denial of Service Attacks
|
| SEC-2005 |
Deploying 802.1x Based
Identity Networking for LAN Access Security |
| Tuesday 4:00
pm - 6:00 pm; Wednesday 1:30 pm - 3:30 pm |
This session
provides participants with an in-depth look at the technologies,
options, and considerations for administrators looking to
increase wired and wireless LAN security by deploying port
based network access control. It explores currently available
and emerging features associated with IEEE 802.1x in order
to effectively leverage identity based access control and
policy enforcement, including authentication, authorization,
accounting, and logging. The session balances theoretical
understanding with additional emphasis on real-world deployment
and troubleshooting.
This session has been designed to be particularly useful for network administrators or network security administrators interested in implementing network infrastructure access control and policy enforcement.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2001 Design Principles for Secure Enterprise Campuses
|
| SEC-2006 |
Managing Security
Technologies |
| Wednesday
1:30 pm - 3:30 pm; Thursday 10:00 am - 12:00 pm |
This session
discusses the issues involved in managing security technologies.
Best practices for security management will be explained by
using case studies for commonly deployed security technologies
involving firewalls, intrusion detection systems (IDSs), and
virtual private networks (VPNs). These include dealing with
security events, enforcing corporate firewall policies, integration
of security operations with network operations, scaling concerns
with IDS tuning, and dynamically assigned remote firewalls.
This session will explain the security protocols and technologies
that can be used to configure and monitor information the
security devices provide. An update will be given on the Cisco
strategy and vision regarding security management software
and solutions, including the CiscoWorks VPN and Security Management
Solutions bundle. Finally, the session will describe how to
design an infrastructure where the security management applications
are an integrated part of the overall security design.
This session is designed to be particularly useful for network operations staff, security operations staff, security architects, and anyone interested in issues and case studies around managing a Cisco technology-based security infrastructure.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2010 Deploying Remote Access IPsec VPNs,
SEC-2011 Deploying Site to Site IPsec VPNs,
SEC-2020 Deploying and Managing Firewalls,
SEC-2030 Deploying Intrusion Detection Systems
|
| SEC-2010 |
Deploying Remote-Access
IPSec VPNs |
| Tuesday 10:00
am - 12:00 pm; Thursday 10:00 am - 12:00 pm |
This session
addresses how to plan, design, and deploy remote-access IP
Security (IPSec) virtual private networks (VPNs). This session
will discuss overall design considerations, including device
placement considerations, various design models for remote-access
VPNs, and fitting VPN design into overall security policy.
Also covered is remote-access VPN deployment, including available
remote-access VPN technologies, products, and corresponding
configurations. High availability, load balancing, bandwidth
allocation, and VPN user management will also be discussed.
Case studies will be provided to demonstrate remote-access
VPN deployment examples.
This session is designed to be particularly useful for network and systems operators responsible for deploying IPSec in their networks.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2011 Deploying Site-to-Site IPSec VPNs
SEC-2012 Deploying Complex and Large-Scale IPSec VPNs
SEC-3010 Troubleshooting Cisco IOS Firewall-Based and Cisco Secure PIX Firewall-Based IPSec VPNs
SEC-3011 Troubleshooting Cisco VPN 3000 Series Concentrator IPSec VPNs
SEC-4010 ''Advanced IPsec Algorithms and Protocols''
|
| SEC-2011 |
Deploying Site-to-Site
IPSec VPNs |
| Tuesday 1:30
pm - 3:30 pm; Thursday 1:30 pm - 3:30 pm |
This session
addresses how to plan, design, and deploy site-to-site IP
Security (IPSec) virtual private networks (VPNs). This session
will cover deployment of site-to-site VPNs, including the
configuration of common designs using various topologies and
products. Other considerations such as device placement, various
design models for site-to-site VPNs, and fitting VPN design
into overall security policy will be addressed. High availability,
performance, and management aspects will also be discussed.
Case studies will be provided to demonstrate site-to-site
VPN deployment examples.
This session is designed to be particularly useful for network and systems operators responsible for deploying IPSec in their networks.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2010 Deploying Remote-Access IPSec VPNs
SEC-2012 Deploying Complex and Large-Scale IPSec VPNs
SEC-3010 Troubleshooting Cisco
IOS Firewall-Based and Cisco Secure PIX Firewall-Based IPSec VPNs
SEC-3011 Troubleshooting Cisco VPN 3000 Series Concentrator IPSec VPNs
SEC-4010 Advanced IPsec Algorithms and Protocols
|
| SEC-2012 |
Deploying Complex
and Large-Scale IPSec VPNs |
| Tuesday 4:00
pm - 6:00 pm; Thursday 4:00 pm - 6:00 pm |
This session
covers advanced IP Security (IPSec) virtual private network
(VPN) site-to-site design and deployment with a focus on scaling
to large IPSec VPNs. It will include IPSec plus generic routing
encapsulation (GRE) tunnels with a single hub as a starting
point, and will progress to single- and dual-hub dynamic multipoint
VPN (DMVPN) solution designs. The session's main focus will
be on deployment, migration, and running routing protocols
over DMVPN, and will also cover using certificates for authentication
and IPSec to extend Multiprotocol Label Switching (MPLS) VPNs.
This session is designed to be particularly useful for designers, managers, and troubleshooters of extended corporate VPN networks, and for service providers that are deploying these services for their customers.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2010 Deploying Remote-Access IPSec VPNs
SEC-2011 Deploying Site-to-Site IPSec VPNs
SEC-3010 Troubleshooting Cisco IOS Firewall-Based and Cisco Secure PIX Firewall-Based IPSec VPNs
SEC-4010 Advanced IPsec Algorithms and Protocols
|
| SEC-2020 |
Deploying and Managing
Firewalls |
| Tuesday 10:00
am - 12:00 pm; Thursday 1:30 pm - 3:30 pm |
Firewall technology
remains an important line of defense against external threats
to networks, computers, and business-critical information.
Firewall technology has evolved to create policy enforcement
points that can be deployed throughout a network to enforce
an organization's security policy. This session discusses
different firewall architectures and approaches, with an emphasis
on the three Cisco firewall offerings; the Cisco PIX Firewall,
Cisco IOS Firewall, and the Cisco Catalyst Firewall service
module. The presentation will examine how different types
of firewalls are deployed in many common design scenarios.
The presentation will also provide information about practical
firewall management as part of an overall security policy.
This session is designed to be particularly useful for network engineers, system administrators, and network security specialists.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2000 Design Principles for Secure Network Edges,
SEC-2001 Design Principles for Secure Enterprise Campuses,
SEC-2006 Managing Security Technologies,
SEC-3020 Troubleshooting Firewalls
|
| SEC-2030 |
Deploying Intrusion
Detection Systems |
| Tuesday 4:00
pm - 6:00 pm; Thursday 1:30 pm - 3:30 pm |
Intrusion
Detection Systems have become an essential tool in the development
of a "defense in depth" security system by providing a level
of packet and flow analysis not available through other means.
This session will discuss the role of both host-based and
network-based intrusion detection systems as complementary
technologies in the security architecture. The session will
look in depth at the individual analysis capabilities of Cisco's
IDS technologies, and present a series of strategies and techniques
to deploy and tune each technology to a specific environment.
Issues such as multi-device placement, traffic selection and
aggregation, design validation, and scalability will be discussed.
Also covered will be some of the key maintenance and monitoring
concepts specific to an IDS deployment. A series of deployment
case studies will be examined, including the Internet edge,
a corporate datacenter, and an Internet datacenter.
This session is designed to be particularly useful to network and security designer engineers and architects, along with operations and monitoring staff.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2006 Managing Security Technologies
SEC-3030 Troubleshooting Intrusion Detection Systems
PWR-5010 Realizing the Promise of Intrusion Detection Systems
|
| RST-3001 |
Complex Deployment
and Analysis of EIGRP |
| Thursday
10:00 am - 12:00 pm; Thursday 4:00 pm - 6:00 pm |
An in depth
look at the advanced capabilities of Cisco's advanced distance
vector routing protocol, EIGRP. This session covers EIGRP
scaling in large hub and spoke environments, EIGRP provider
edge/customer edge interaction for MPLS VPNs, troubleshooting
large scale network failures, EIGRP graceful restart, route
redistribution into and out of EIGRP, and other advanced topics.
The target audience for this session includes network engineers who already have a grasp of EIGRP's fundamentals, and want to take their experience and knowledge of the protocol one step farther, and designers and engineers who work in large scale EIGRP.
Associated Sessions:
Related sessions include RST-2001, Fundamental Deployment and Analysis of EIGRP.
|
| RST-3002 |
Complex Deployment
and Analysis of Link State Protocols |
| Thursday
10:00 am - 12:00 pm; Thursday 4:00 pm - 6:00 pm |
This sessions
goes in depth into the deployment and troubleshooting of link
state protocols, focusing on new features and work in link
state routing. Topics included are graceful restart, fast
convergence, new features in the SPF algorithm, interaction
with BGP, route tags, and IPv6 support.
The target audience for this session includes network engineers who understand the fundamentals of link state routing protocols, and would like to take that understanding to the next level, and engineers who are considering deployment of a link state protocol in a large scale network environment, or who manage a large scale network running a link state routing protocol.
Associated Sessions:
Related sessions include RST-1001, Introduction to Link State Protocols, and RST-2002, Fundamental Deployment and Analysis of Link State Protocols.
|
| RST-3003 |
Complex Deployment
and Analysis of BGP |
| Wednesday
1:30 pm - 3:30 pm; Thursday 1:30 pm - 3:30 pm |
This session
provides information on the advanced features and new developments
in BGP. Topics include graceful restart, improvements in policy
configuration, BGP multipath routing support (equal cost and
unequal cost), BGP persistent oscillation, the custom decision
process, and improvements in BGP convergence times.
The target audience for this session is network engineers who have or are considering deploying BGP in their networks, have a fundamental understanding of BGP, and would like understand the new depvelopments and advanced features of the protocol.
Associated Sessions:
Related sessions include RST-2003, Fundamental Deployment and Analysis of BGP, and RST-4005, Advanced Routing Protocols Security.
|
| SEC-3010 |
Troubleshooting Cisco
IOS Firewall-Based and Cisco Secure PIX Firewall-Based IPSec
VPNs |
| Wednesday
1:30 pm - 3:30 pm; Thursday 4:00 pm - 6:00 pm |
This session
demonstrates detailed techniques for troubleshooting Cisco
IOS and Cisco Secure PIX Firewall-based IP Security (IPSec)
designs and implementations. It covers the debugging tools
available within Cisco IOS and Cisco Secure PIX Firewall to
troubleshoot IPSec based virtual private network (VPN) configurations.
This session also provides solutions to the most commonly
seen issues concerning IPSec VPN designs and implementations,
based on the experiences of Cisco Technical Assistance Center
(TAC) engineers.
This session is designed to be particularly useful for customers who have deployed IPSec VPNs using either Cisco IOS or Cisco Secure PIX Firewall.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2010 Deploying Remote-Access IPSec VPNs
SEC-2011 Deploying Site-to-Site IPSec VPNs
SEC-3011 Troubleshooting Cisco VPN 3000 Series Concentrator IPSec VPNs
SEC-4010 Advanced IPsec Algorithms and Protocols
|
| SEC-3011 |
Troubleshooting Cisco
VPN 3000 Series Concentrator IPSec VPNs |
| Wednesday
4:00 pm - 6:00 pm; Thursday 10:00 am - 12:00 pm |
The Cisco
VPN 3000 Series Concentrator is a best-of-breed, remote-access
virtual private network (VPN) solution for enterprise-class
deployment, and is regarded as one of the best VPN devices
in the market today. This session demonstrates various methodologies
and techniques used in troubleshooting remote-access and site-to-site
IP Security (IPSec) implementations. It covers detailed descriptions
of the logs, provides troubleshooting tips and resolutions
to common issues, and discusses case studies involving real-world
scenarios.
This session is designed to be particularly useful for customers who have deployed IPSec VPNs using Cisco VPN 3000 Series concentrators.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2010 Deploying Remote-Access IPSec VPNs
SEC-2011 Deploying Site-to-Site IPSec VPNs
SEC-3010 Troubleshooting Cisco IOS Firewall-Based and Cisco Secure PIX Firewall-Based IPSec VPNs
SEC-4010 Advanced IPsec Algorithms and Protocols
|
| SEC-3020 |
Troubleshooting Firewalls |
| Tuesday 1:30
pm - 3:30 pm |
Firewalls
are crucial components of today's networks. Their optimal
functioning is critical to an enterprise or service provider
network. It is essential for network engineers to be able
to quickly and efficiently troubleshoot this device. This
presentation focuses on the tools and techniques that can
be used to troubleshoot the Cisco PIX Firewall, Cisco IOS
Firewall, and Catalyst Firewall Service Module, enabling the
attendees to successfully maintain their Cisco firewalls.
This session is designed to be particularly useful for network engineers, system administrators, and network security specialists.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2020 Deploying and Managing Firewalls
|
| SEC-3030 |
Troubleshooting Intrusion
Detection Systems |
| Wednesday
10:00 am - 12:00 pm; Thursday 4:00 pm - 6:00 pm |
This presentation
will focus on troubleshooting Intrusion Detection Systems
using Cisco IDS software 4.0 and 3.0 software on Intrusion
Detection System (IDS) appliances. We will also look into
detailed troubleshooting steps for IDS Management Center (IDS
MC) and Security Monitor (Sec Mon) which is a part of the
VMS2.1 software bundle in regards to installation, compatibility
and deployment issues. We will look into the common problems
associated with Cisco Security Agent software in regards to
installation and deployment.
This session has been developed to be applicable to attendees who perform the following roles or are involved in the following functions: - Configuring , maintaining and troubleshooting Intrusion Detection Systems consisting of IDS appliances and manage
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2030 Deploying Intrusion Detection Systems
PWR-5010 Realizing the Promise of Intrusion Detection Systems
|
| NMS-4031 |
Advanced NetFlow Accounting |
| Wednesday
1:30 pm - 3:30 pm; Thursday 1:30 pm - 3:30 pm |
This session
reviews in great detail the advantages of NetFlow services,
the different versions of NetFlow, and sampled NetFlow. Design,
configuration, tuning, and troubleshooting will be covered
in this in-depth technical session. We will discuss the most
recent improvements of NetFlow, both on routers and switches,
including the new NetFlow Version 9 and its interaction with
the IETF.
Most useful for those who have attended NMS-1031 and have some experience with NetFlow.
Associated Sessions:
NMS-1031 Introduction to Collecting Traffic Accounting Information
|
| NMS-4041 |
Advanced Performance
Management with Cisco Service Assurance Agent |
| Thursday
10:00 am - 12:00 pm; Thursday 4:00 pm - 6:00 pm |
This session
provides details of Cisco Service Assurance Agent (SAA) deployment,
advanced and new features, scalability, accuracy, and best
practices. Some recent test results will be shown and explained
for the first time. This presentation will focus exclusively
on SA Agent, and help you to better understand and use it.
Attendees should have an understanding of Cisco SAA and network management concepts. This session is most useful for those who have attended NMS-1041 and are familiar with SAA.
Associated Sessions:
NMS-1041 Introduction to Performance Management
NMS-1041 Performance Measurement with Cisco IOS
|
| RST-4004 |
Advances in Routing
Protocols |
| Wednesday
4:00 pm - 6:00 pm; Thursday 4:00 pm - 6:00 pm |
This session
introduces new features and concepts which are currently being
developed in routing protocols. The presentation will focus
on Optimized Exit Routing (OER) and Multi-Topology Routing
(MTR), OER gives a newtork the ability to optimally choose
the exit point into another routing domain based on real time
traffic flow information. MTR provides the ability to overlay
multiple logical topologies on the same physical topology.
The target audience for this session is adveanced network engineers who would like to know what the next phase in routing will look like, what's coming down the road, so they can plan their networks and designs to take advantage of these new capabilities as they become available.
Associated Sessions:
All sessions in the Routing & Switching section are related to this session.
|
| RST-4005 |
Advanced Routing Protocol
Security |
| Wednesday
1:30 pm - 3:30 pm; Thursday 1:30 pm - 3:30 pm |
This session
introduces the concepts of security within a routing system,
including a look at the threats to routing systems and the
corresponding pieces of information which can be secured.
Current methods of securing routing protocols are covered,
and a method for securing BGP in large scale deployments,
such as the Internet, is discussed, Secure Origin BGP (soBGP).
The target audience for this session is advanced network engineers who are considering security in their networks, would like to know what current options they have to provide security for the routing system, and what the direction of the current work in this area is.
Associated Sessions:
All Sessions in the Routing and Switching section are a related to this session.
|
| RST-4051 |
Advanced IP Multicast |
| Tuesday 4:00
pm - 6:00 pm; Thursday 1:30 pm - 3:30 pm |
This session
covers the protocols and topologies associated with Inter-domain
multicast routing including details on the operation of MSDP
and MBGP as they relate to PIM. This session also introduces
the latest trends in Inter-domain multicast routing, PIM Source
Specific Multicast (SSM), Multicast VPNs, and IPv6 Multicast.
During this session, the basic fundamentals of MBGP and MSDP
are covered along with their basic configuration as well as
the use of Anycast RP's. Numerous topology examples with regard
to Inter-domain multicast using MBGP and MSDP are presented
along with configuration examples for both the provider and
customers. Next, the session introduces Source Specific Multicast
and shows how this new method of Inter-domain multicast solves
some of the problems associated with traditional Inter-domain
PIM-SM multicast. Multicast VPNs in an MPLS VPN environment
will be presented. IPv6 Multicast will be discussed. And finally,
methods to secure a multicast network will be presented.
This session is applicable for Network Engineers involved in Service Provider network environments and Enterprises requiring native multicast transit.
Associated Sessions:
RST-1051 ''Introduction to IP Multicast''
RST-2051 ''Deploying IP Multicast''
|
| SEC-4010 |
Advanced IPsec Algorithms
and Protocols |
| Wednesday
10:00 am - 12:00 pm; Thursday 10:00 am - 12:00 pm |
This session
details how the Internet Key Exchange (IKE) and the IPSec
protocols work. The session will also analyze the authentication
protocols involved in the IKE process. Encryption and hashing
mechanisms, including the new AES standard in IPSec, will
also be discussed. After describing the workings of these
main protocols and mechanisms, the presentation will address
how some of the most important IPSec features actually work.
Examples of these features include mode configuration, extended
authentication, Dead Peer Discovery (DPD), IPSec Network Address
Translation (NAT) traversal, Stateful Failover and Tunnel
Endpoint Discovery (TED). The session will emphasize protocol-level
details of how the various features have been implemented,
using packet flowcharts and descriptions of the various fields
in the packets. The session will also include discussions
around some of the new implementations being worked in the
IPSec space such as IKEv2 and, IKE and IPSec monitoring MIBs.
This session is designed to be particularly useful for virtual private network (VPN) implementation experts who would like to gain a deeper understanding of how various IPSec-based VPN configurations actually work.
Associated Sessions:
The following session title(s) are associated with this session:-
SEC-2010 Deploying Remote Access IPsec VPNs,
SEC-2011 Deploying Site to Site IPsec VPNs,
SEC-2012 Deploying Complex and Large Scale IPsec VPNs,
SEC-3010 Troubleshooting IOS and PIX Firewall-Based IPsec VPNs,
SEC-3011 Troubleshooting VPN3000 IPsec Implementations
|
