The CCNP SWITCH exam tests very heavily on the planning and verification requirements within the certification blueprint. All of the exam topics below fall into the “planning” category.
- Implement VLAN based solution, given a network design and a set of requirements.
- Create a VLAN based implementation plan
- Create a VLAN based verification plan
- Document results of VLAN implementation and verification
- Implement a Security Extension of a Layer 2 solution, given a network design and a set of requirements.
- Create a implementation plan for the Security solution
- Create a verification plan for the Security solution
- Document results of Security implementation and verification
- Implement Switch based Layer 3 services, given a network design and a set of requirements
- Create an implementation plan for the Switch based Layer 3 solution
- Create a verification plan for the Switch based Layer 3 solution
- Document results of Switch based Layer 3 implementation and verification
- Implement High Availability, given a network design and a set of requirements
- Create a High Availability implementation plan
- Create a High Availability verification plan
- Document results of High Availability implementation and verification
That is a large portion of the CCNP SWITCH exam blueprint. It’s tough for Cisco to test how to write up an implementation plan within the time frame allowed for the exam, so they test it indirectly. They may present a complicated business problem with many undefined technical “implementation” components and require you to solve the problem. In order to do so, you’ll have to be able to come up with an implementation plan on the fly to know which technologies, protocols, interfaces, etc. need to be configured. Once you configure them, you will also need to come up with a “verification plan” in your head so you can verify that the business need was met (and you get your points for the question).
An example may be a complex problem requiring you to configure new VLANs on a recently added switch (VLAN plan), add LACP trunks (HA plan), change the routing on the existing multilayer switches to add the new VLAN networks (layer 3 planning). Load balance the all new connections using HSRP (HA plan) based on business VLAN requirements (VALN plan).
It’s easy to see how quickly a problem like that can cover many of the blueprint planning topics in a single exam question. Expect to see situational problems like that example.
Implementation Plan Components
Almost every network implementation should consist of several phases (ex. install hardware, push configurations, cut-over to production, etc.). It is important to remember the following steps for each phase:
- Description of the step
- Reference to design documents
- Detailed implementation guidelines
- Detailed roll-back guidelines in case of failure
- Estimated time needed for implementation
Specific Cisco Design Recommendations
There are some general guidelines Cisco recommends around Layer 2 design. Cisco recommends the local VLAN approach if possible within the campus environment. That allows the access layer to focus on port density and VLAN termination. The distribution layer can then be used for routing and boundary definitions. The core is then used exclusively for optimized transport of traffic.
General Network Planning Guidelines
- When verifying a new network design, test it first on a pilot network before implementing it network-wide on the production network
- When planning for HA, to minimize the risk of potential outages, it is critical to use the appropriate technology as well as redundancy within that technology to prevent single points of failure
A documented rollback plan should be part of any implementation plan
Security Planning Guidelines
- Make sure you have a list of the applications running in the environment
- If it is a security design, Cisco recommends having a network audit performed beforehand
Critical pieces to include when designing and implementing a security solution include:
- An incident response plan
- The organization’s security policy
- A list of customer requirements
Verification of an implemented security solution requires results from audit testing of the implemented solution
VLAN Planning Guidelines
- Some examples of organizational objectives when developing a VLAN implementation plan could include: improving customer support, increasing competitiveness, and reducing costs
- When creating a VLAN implementation plan, it is critical to have a summary implementation plan that lays out the implementation overview.
- Incremental implementation of components is the recommended approach when defining a VLAN implementation plan.
A VLAN-based implementation and verification plan should include:
- Verification that the SVI has already been created and that it shows up on all required switches using the show vlan command.
- Verification that trunked links are configured to allow the newly created VLANs
SONA is a Cisco model that provides guidance, best practices, and blueprints for connecting network services and applications to enable business solutions.
SONA outlines three layers for the enterprise network:
1. Network Infrastructure Layer – where all the network devices are connected (network, servers, storage, etc).
2. Interactive Services Layer- Allocated resources to applications delivered through the network infrastructure layer.
3. Application Layer – Includes business applications.
NOTE – Make sure you understand Cisco’s definition and roles for access, distribution, and core layers.
- Prepare – organizational requirements, strategy, financial justification
- Plan – network requirements, gap analysis with existing network infrastructure, project plan
- Design- design specification created (used for implement phase)
- Implement - network is built, additional components added
- Operate – maintaining network health, day-to-day operations
- Optimize - proactive management, potential to optimize network redesign
High-level benefits of a lifecycled approach:
- Lower TCO of network
- Increased availability
- Improved business agility
- Faster access to applications and services