Administracija mreža

Šta je mrežni administrator?

Administrator mreže

Definicija

Posao

  • Administrator mreže je IT profesionalac koji obezbeđuje da računarske mreže organizacije – grupe računara koji međusobno dele informacije – funkcionišu kako bi zadovoljile potrebe organizacije. Oni mogu da održavaju i rešavaju probleme u računarskim mrežama i primenjuju bezbednosne principe da bi mreže bile bezbedne.

Pozicija

Šta radi administrator mreže?

  • Instalira, konfiguriše i održava mrežni hardver i softver kao što su ruteri, firewall-ovi i switch-evi
  • Štiti mreže od neovlašćenih korisnika fizičkim i tehničkim sredstvima
  • Podešava i održava virtuelne privatne mreže (VPN)
  • Rešava probleme sa mrežnim povezivanjem zaposlenih
  • Održava i rešava probleme u mrežama za skladištenje podataka
Nakon kursa

Plata

Plata administratora mreže i izgledi za posao:

  • Administrator mreže u SAD najčešće očekuje platu od $79.000, a u proseku zarađuje od $71.000 do $98.000.
  • Broj radnih mesta za mrežne administratore će rasti po stopi od 5% između 2020. i 2030.

Znanje

Ključne veštine

Neke od uobičajenih veština mrežnog administratora:

  • Poznavanje različitih tipova mreža: lokalne mreže (LAN), mreže šireg područja (WAN), virtuelne privatne mreže (VPN), a ponekad i mreže za skladištenje podataka (SAN) su svaka različite vrste mreža. Iako neki poslovi mogu zahtevati više iskustva jedan u odnosu na drugi, osnovno znanje o tome šta su različite mreže i kako da ih konfigurišete biće centralno za vaš rad kao mrežnog administratora.
  • Razumevanje komponenti mrežne bezbednosti: One mogu uključivati zaštitne zidove, VPN-ove i kontrolu pristupa. Poznavanje uobičajenih napada i odgovarajući odgovor na njih biće važno kao administrator mreže.
  • Poznavanje servera: Nadogradnja i konfigurisanje servera je uobičajena sposobnost koja se traži kod mrežnih administratora. Vindovs i Linuk serveri su uobičajeni u SAD.
  • Komunikacija i timski rad: Kao administrator mreže, verovatno ćete raditi u timu ili sa drugim članovima vaše organizacije kako biste osigurali da računari i sistemi rade i rade. Biti u stanju da komuniciraju probleme i rešenja sa drugim ljudima je vredna veština koju treba imati.

Pregled kursa

  • Examining Cisco Enterprise Network Architecture
  • Understanding Cisco Switching Paths
  • Implementing Campus LAN Connectivity
  • Building Redundant Switched Topology
  • Implementing Layer 2 Port Aggregation
  • Understanding EIGRP
  • Implementing OSPF
  • Optimizing OSPF
  • Exploring EBGP
  • Implementing Network Redundancy
  • Implementing NAT
  • Introducing Virtualization Protocols and Techniques
  • Understanding Virtual Private Networks and Interfaces
  • Understanding Wireless Principles
  • Examining Wireless Deployment Options
  • Understanding Wireless Roaming and Location Services
  • Examining Wireless AP Operation
  • Understanding Wireless Client Authentication
  • Troubleshooting Wireless Client Connectivity
  • Introducing Multicast Protocols
  • Introducing QoS
  • Implementing Network Services
  • Using Network Analysis Tools
  • Implementing Infrastructure Security
  • Implementing Secure Access Control
  • Understanding Enterprise Network Security Architecture
  • Exploring Automation and Assurance Using Cisco DNA Center
  • Examining the Cisco SD-Access Solution
  • Understanding the Working Principles of the Cisco SD-WAN Solution
  • Understanding the Basics of Python Programming
  • Introducing Network Programmability Protocols
  • Introducing APIs in Cisco DNA Center and vManage

Praktične vežbe

  • Investigate the CAM
  • Analyze Cisco Express Forwarding
  • Troubleshoot VLAN and Trunk Issues
  • Tuning Spanning Tree Protocol (STP) and Configuring Rapid Spanning Tree Protocol (RSTP)
  • Configure Multiple Spanning Tree Protocol
  • Troubleshoot EtherChannel
  • Implement Multi-area OSPF
  • Implement OSPF Tuning
  • Apply OSPF Optimization
  • Implement OSPFv3
  • Configure and Verify Single-Homed EBGP
  • Implementing Hot Standby Routing Protocol (HSRP)
  • Configure Virtual Router Redundancy Protocol (VRRP)
  • Implement NAT
  • Configure and Verify Virtual Routing and Forwarding (VRF)
  • Configure and Verify a Generic Routing Encapsulation (GRE) Tunnel
  • Configure Static Virtual Tunnel Interface (VTI) Point-to-Point Tunnels
  • Configure Wireless Client Authentication in a Centralized Deployment
  • Troubleshoot Wireless Client Connectivity Issues
  • Configure Syslog
  • Configure and Verify Flexible NetFlow
  • Configuring Cisco IOS Embedded Event Manager (EEM)
  • Troubleshoot Connectivity and Analyze Traffic with Ping, Traceroute, and Debug
  • Configure and Verify Cisco IP SLAs
  • Configure Standard and Extended ACLs
  • Configure Control Plane Policing
  • Implement Local and Server-Based AAA
  • Writing and Troubleshooting Python Scripts
  • Explore JavaScript Object Notation (JSON) Objects and Scripts in Python
  • Use NETCONF Via SSH
  • Use RESTCONF with Cisco IOS XE Software

Šta očekivati na ispitu

  • 350-401 ENCOR exam tests your knowledge to configure, troubleshoot, and manage enterprise wired and wireless networks, overlay network such as SD-Access, SD-WAN and security principles within an enterprise network
  • After you pass 350-401 ENCOR, You earn the Cisco Certified Specialist – Enterprise Network Core Technologies certification.
  • You satisfy the core requirement for the new CCNP Enterprise certification. To complete your CCNP Enterprise certification, pass any one of the concentration exams.

350-401 ENCOR ispitne teme

To earn your CCNP Enterprise, CCIE Enterprise Infrastructure, or CCIE Enterprise Wireless certification, you must pass the 350-401 ENCOR exam. This exam tests your knowledge of:

1.0 Arhitecture 15%

1.1 Explain the different design principles used in an enterprise network

  • 1.1.a Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
  • 1.1.b High availability techniques such as redundancy, FHRP, and SSO

1.2 Analyze design principles of a WLAN deployment

  • 1.2.a Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
  • 1.2.b Location services in a WLAN design

1.3 Differentiate between on-premises and cloud infrastructure deployments

1.4 Explain the working principles of the Cisco SD-WAN solution

  • 1.4.a SD-WAN control and data planes elements
  • 1.4.b Traditional WAN and SD-WAN solutions

1.5 Explain the working principles of the Cisco SD-Access solution

  • 1.5.a SD-Access control and data planes elements
  • 1.5.b Traditional campus interoperating with SD-Access

1.6 Describe concepts of wired and wireless QoS

  • 1.6.a QoS components
  • 1.6.b QoS policy

1.7 Differentiate hardware and software switching mechanisms

  • 1.7.a Process and CEF
  • 1.7.b MAC address table and TCAM
  • 1.7.c FIB vs. RIB
2.0 Virtualization 10%

2.1 Describe device virtualization technologies

  • 2.1.a Hypervisor type 1 and 2
  • 2.1.b Virtual machine
  • 2.1.c Virtual switching

2.2 Configure and verify data path virtualization technologies

  • 2.2.a VRF
  • 2.2.b GRE and IPsec tunneling

2.3 Describe network virtualization concepts

  • 2.3.a LISP
  • 2.3.b VXLAN
3.0 Infrastructure 30%

3.1 Layer 2

  • 3.1.a Troubleshoot static and dynamic 802.1q trunking protocols
  • 3.1.b Troubleshoot static and dynamic EtherChannels
  • 3.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST)

3.2 Layer 3

  • 3.2.a Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
  • 3.2.b Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
  • 3.2.c Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)

3.3 Wireless

  • 3.3.a Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
  • 3.3.b Describe AP modes and antenna types
  • 3.3.c Describe access point discovery and join process (discovery algorithms, WLC selection process)
  • 3.3.d Describe the main principles and use cases for Layer 2 and Layer 3 roaming
  • 3.3.e Troubleshoot WLAN configuration and wireless client connectivity issues

3.4 IP Services

  • 3.4.a Describe Network Time Protocol (NTP)
  • 3.4.b Configure and verify NAT/PAT
  • 3.4.c Configure first hop redundancy protocols, such as HSRP and VRRP
  • 3.4.d Describe multicast protocols, such as PIM and IGMP v2/v3
4.0 Network Assurance 10%

4.1 Diagnose network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog

4.2 Configure and verify device monitoring using syslog for remote logging

4.3 Configure and verify NetFlow and Flexible NetFlow

4.4 Configure and verify SPAN/RSPAN/ERSPAN

4.5 Configure and verify IPSLA

4.6 Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management

4.7 Configure and verify NETCONF and RESTCONF

5.0 Security 20%

5.1 Configure and verify device access control

  • 5.1.a Lines and password protection
  • 5.1.b Authentication and authorization using AAA

5.2 Configure and verify infrastructure security features

  • 5.2.a ACLs
  • 5.2.b CoPP

5.3 Describe REST API security

5.4 Configure and verify wireless security features

  • 5.4.a EAP
  • 5.4.b WebAuth
  • 5.4.c PSK

5.5 Describe the components of network security design

  • 5.5.a Threat defense
  • 5.5.b Endpoint security
  • 5.5.c Next-generation firewall
  • 5.5.d TrustSec, MACsec
  • 5.5.e Network access control with 802.1X, MAB, and WebAuth
6.0 Automation 15%

6.1 Interpret basic Python components and scripts

6.2 Construct valid JSON encoded file

6.3 Describe the high-level principles and benefits of a data modeling language, such as YANG

6.4 Describe APIs for Cisco DNA Center and vManage

6.5 Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF

6.6 Construct EEM applet to automate configuration, troubleshooting, or data collection

6.7 Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack