AR-CASL2
AR-CASL2
Configuring Aruba OS Switching Level 2
Price:
Duration:
USD 3,250.00 excl. VAT
5 Days
Who Should Attend
Typical candidates for this course are IT Professionals who will deploy
and manage networks based on HPE’s ArubaOS-Switches.
Prerequisites
Suggested prerequisites ASF
Aruba Switching Fundamentals training
Course Content
This course teaches you how to implement and operate enterprise-level Aruba campus switching solutions. Hand-on labs give you experience with ArubaOS-Switches, including securing access, redundancy technologies such as Multiple Spanning Tree Protocol (MSTP), link aggregation techniques including Link Aggregation Protocol (LACP) and switch virtualization with HPE’s Virtual Switching Framework (VSF).
You will also learn to configure dynamic routing with Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP), network optimization via Quality of Service (QoS), IP multicast routing leveraging Protocol Independent Multicast (PIM), and protecting the network using Access Control Lists (ACLs). This course is approximately 30% lecture and 70% hands on lab exercises.
Course Objective
After you successfully complete this course, expect to be able to:
Implement spanning tree protocol and loop protections
Ensure redundancy for a network’s default gateway by configuring VRRP on Aruba switches
Implement and manage an VSF fabric
Deploy ArubaOS switches in single-area and multi-area OSPF systems
Use Internet Group Management Protocol (IGMP) to optimize forwarding of multicasts within VLANs
Implement PIM-DM to route multicast traffic
Establish and monitor BGP sessions between your routers and ISP routers
Define ACLs and identify the criteria by which ACLs select traffic
Configure ACLs on ArubaOS switches to select given traffic
Implement 802.1X on ArubaOS switch ports
Configure captive portal authentication on ArubaOS switches to integrate them with an Aruba ClearPass solution
Configure tunneled-node on ArubaOS switches
Configure ArubaOS switches to select traffic, apply the appropriate QoS marking, and place the traffic in the proper priority queues
Implement DHCP snooping and ARP protection to defend networks against DHCP
exploits, ARP snooping, and ARP poisoning attacks
Implement the proper port security measures for various use cases
Implement connection rate filtering to provide a first layer of protection against viruses and worms
Course Outline
Introduction to Aruba Solutions
o Describe market trends that are leading companies to implement a digital workplace
o Describe how the Mobile First Network from Aruba, a Hewlett Packard Enterprise company, delivers the digital workplace
Data Link Layer Redundancy Technologies
o Compare RPVST+ with RSTP and MSTP
o Implement spanning tree protocol and loop protections
o Describe how Unidirectional Link Detection (UDLD) and Device Link Detection Protocol (DLDP) detect and handle unidirectional links
Virtual Router Redundancy Protocol (VRRP)
o Ensure redundancy for a network’s default gateway by configuring VRRP on Aruba switches
o Establish load-balancing of active routing in several different ways
o Use best practices for implementing VRRP with MSTP
Aruba Backplane Stacking and Advanced Virtual Switch Framework (VSF)
o Describe the three topologies supported with backplane stacking and the roles members play in the stack
o Explain how backplane stacking handles stack fragments
o Implement and manage an VSF fabric
o Describe what a split VSF stack is and configure the mechanisms designed
to detect and remedy this problem
Advanced Open Shortest Path First (OSPF)
o Deploy ArubaOS products in single-area and multi-area OSPF systems
o Use area definitions and summaries to create efficient and scalable
multiple area designs
o Advertise routes to external networks in a variety of OSPF environments
o Promote fast, effective convergence during a variety of failover situations
o Use virtual links as required to establish non-direct connections to the
backbone
o Implement OSFP authentication
Internet Group Management Protocol (IGMP)
o Use Internet Group Management Protocol (IGMP) to optimize forwarding of multicasts within VLANs
o Describe the differences between IGMP and IGMP snooping
Protocol Independent Multicast–Dense Mode (PIM-DM)
o Distinguish between PIM-DM and PIM-SM
o Implement PIM-DM to route multicast traffic
Border Gateway Protocol (BGP)
o Establish and monitor BGP sessions between your routers and ISP routers
o Advertise an IP block to multiple ISP routers
o Configure a BGP router to advertise a default route in OSPF
Access Control Lists (ACL)
o Define ACLs and identify the criteria by which ACLs select traffic
o Configure ACLs on ArubaOS switches to select given traffic
o Apply static ACLs to interfaces to meet the needs of a particular scenario
o Examine an ACL configuration and determine the action taken on specific packets
802.1XAuthentication
o Implement 802.1X on ArubaOS switch ports
o Integrate ArubaOS switches with an Aruba ClearPass solution, which might apply dynamic VLAN assignments, ACLs, QoS priorities, and rate Limits
MAC Authentication
o Implement RADIUS-based MAC Authentication (MAC-Auth) on ArubaOS
switch ports
o Implement local MAC Authentication (LMA) on ArubaOS switch ports
Captive Portal and Other Guest Options
o Configure captive portal authentication on ArubaOS switches to integrate them with an Aruba ClearPass solution
o Implement Web Authentication (Web-Auth) on Aruba switch ports
o Combine multiple forms of authentication on a switch port that supports one or more simultaneous users
o Use the Unauthenticated VLAN on ArubaOS switches to provide guest access
Integrating with an Aruba Mobility Solution
o Configure tunneled-node on ArubaOS switches
o Describe when and how to configure PAPI enhanced security, high
availability, and fallback switching for tunneled-node
Secure Device Management
o Set up RADIUS authentication and authorization for managers
o Describe the differences between SNMPv2c and v3 and configure SNMPv3
settings on ArubaOS switches
o Explain how technologies such as RMON, sFlow, and traffic mirroring allow you to monitor network traffic
o Explain best practices for managing configurations and monitoring network
traffic using a solution such as Aruba AirWave
Quality of Service
o Describe how ArubaOS switches prioritize traffic based on its queue
o Configure ArubaOS switches to honor the appropriate QoS marks applied by other devices
o Configure ArubaOS switches to select traffic, apply the appropriate QoS marking, and place the traffic in the proper priority queues
o Implement rate limiting
o Configure a voice VLAN and LLDP-MED
Additional Security Features
o Implement DHCP snooping and ARP protection to defend networks against
DHCP exploits, ARP snooping, and ARP poisoning attacks
o Implement the proper port security measures for various use cases
o Explain how MAC lockdown differs from port security and use the proper solution for each use case
o Implement connection rate filtering to provide a first layer of protection
against viruses and worms
Further information
If you would like to know more about this course please contact us
