Design, Deploy and Configure Cisco Digital Network Architectures (DNA)

  • IP network designers
  • IP network administrators
  • System engineers
  • Individuals involved in IWAN and DNA deployment and administration


  • Knowledge level equivalent to Cisco CCNA Routing and Switching (CCNP Routing and Switching is preferred)
  • Basic to intermediate knowledge on tunnels, VPNs, and DMVPN
  • A good understanding of QoS basics
  • Basic knowledge and experience with Cisco IOS, IOS XE, and CLI
  • Basic knowledge on device and network virtualization

Expected Duration
5 day


In this course, you will learn how Ciscos Intelligent WAN (IWAN) solves many challenges related to todays branch office deployments. You will learn what the IWAN main components are, including Transport Independent WAN connectivity (IPSec DMVPN and MPLS), Intelligent Path Control (with performance routing), Application Optimization (with AVC and WAAS), and Secure Connectivity (Strong encryption, firewalls, CWS). As part of IWAN deployment, you will be faced with Application Policy Infrastructure Controller – Enterprise Module or APIC-EM, as a management platform and automation tool.

At the beginning of the course, you will review Ciscos Digital Network Architecture or DNA as open and extensible, software-driven architecture that accelerates and simplifies enterprise network operations. DNA, as a programmable architecture frees IT staff from time consuming, repetitive network configurations tasks, so they can focus instead on innovation that positively transforms their business. Relationships between DNA and IWAN will be discussed along the course. Labs are built using the latest software versions on related components like routers ISR and ASR, IOS XE, WAVE, vWAAS, APIC-EM, as well as latest conceptual model (IWAN version 2.x.x).


1. Ciscos Digital Network Architecture (DNA)

  • Overview
  • Benefits
  • Guiding Principles
  • Main Components and Functions
  • DNA Automation and Management: APIC-EM
  • DNA Virtualization: NFV and Cisco IOS XE
  • DNA Analytics: CMX
  • DNA Security: TrustSec, ISE, StealthWatch

2. Intelligent WAN (IWAN) General Overview and Main Components

  • Todays branch office challenges
  • IWAN as a solution for branch office connectivity
  • IWANs building blocks
  • Transport Independent Design
  • Intelligent Path Control
  • Application Performance Optimization
  • Secure Connectivity
  • IWAN Management

3. Implementing Transport Independent Design

  • IP Connectivity as transport independent option
  • MPLS Connectivity as transport independent option
  • IP-MPLS connectivity options for headquarter and branch
  • GRE Point to Point and Multipoint tunnels
  • DMVPN overview
  • DMVPN Phases
  • Front Door VRF
  • Unicast traffic over DMVPN
  • Multicast traffic over DMVPN
  • DMVPN sample configurations

4. Implementing Intelligent Path Control with Performance Routing (PfR)

  • Performance routing overview
  • Device Components and Roles
  • Hub Master Controller
  • Hub Border Routers
  • Transit Master Controller
  • Transit Border Router
  • Branch Routers
  • Differences between PfRv2 and PfRv3
  • PfR Policies
  • Enterprise Domain Provisioning
  • Topology Discovery
  • Collecting Performance Metrics
  • Path Enforcement
  • Enterprise Deployment
  • Monitoring (site prefixes, traffic classes, load balance)

5. Implementing AVC for Application Visibility and Adding Hierarchical QoS (HQoS)

  • Collecting Performance Metrics
  • Collecting Traffic Statistics
  • Application Response Time
  • Media Monitoring
  • Netflow and IPFIX
  • Adding Hierarchical Quality of Service (HQoS)

6. Cisco Wide-Area Application Services

  • Introducing Cisco WAAS
  • Identify Platforms and deployment options
  • Implementing Cisco Central Management
  • Installing and Configuring the Virtual Environment
  • Installing and Configuring Cisco vWAAS
  • Configuring Application Traffic Policies
  • Configuring Cisco vWAAS Virtualization

7. Cisco APPNAV

  • APPNAV overview
  • Installing APPNAV Controllers
  • APPNAV-XE Controller Configuration
  • Monitoring the APPNAV Controller

8. IWAN Secure Connectivity

  • Secure Connectivity Overview
  • Securing the WAN Transport
  • Secure Direct Internet Access
  • Full Services Direct Internet Access
  • Direct Internet Access Use Case Scenarios
  • Cisco Trustsec in Branch
  • Secure Connectivity IWAN Customer Scenario

9. Cisco APIC-EM for Management and Automation

  • APIC-EM overview
  • APIC-EM features and benefits
  • APIC-EM supported platforms and software release
  • APIC-EM licensing Model
  • APIC-EM Hardware&Software requirements (for installation virtual appliance)
  • APIC-EM GUI and navigation
  • Main operations

10. Implementing UCS-E and Cloud Connectors

  • UCS-E
  • Cisco Cloud Connectors
  • Third-Party Cloud Connectors
  • Cisco Akamai Solutions



Select Course Options