Fabric Technologies - Software-Defined Access

28 important questions on Fabric Technologies - Software-Defined Access

What features, capabilities and functionalities does SD-Access use to address the current campus network needs?

1. Network Automation (Through Cisco DNA Center)

2. Network Assurance and Analytics (Using telemetry it enables proactive prediction of network and security related incidents.)

3. Host Mobility (Host mobility for both wired and wireless users)

4. Identity services (Cisco Identity Services Engine ISE identifies users and devices on the network.)

5. Policy Enforcement (Using Security Group Access Control Lists (SGACLs) is much simpler and more scalable.)

6. Secure segmentation (Easier to segment the network)

7. Network Virtualization (Support of multiple VRFs known as Virtual Networks VNs across the whole access layer with own set of policies.)

What is a Campus Fabric Solution and when is it considered SD-Access?

A Campus Fabric Solution is a Cisco-validated fabric overlay solution that includes all of the features and protocols (Control Plane, Data Plane, Management Plane and Policy Plane). When it is managed through the CLI or an API using NETCONF/YANG, it is considered a Campus Fabric Solution.

A Campus Fabric Solution is considered SD-Access when it is managed by Cisco DNA Center.

What are the 4 basic layers of the Cisco SD-Access fabric architecture?

1. Physical Layer

2. Network Layer

3. Controller Layer

4. Management Layer

What is part of the Cisco SD-Access physical layer?

Cisco Switches (Supported models)
Cisco Routers (Supported models)
Cisco Wireless (WLCs and APs)
Cisco Controller Appliances (DNA Center and ISE controller appliances)

What 2 sublayers does the Cisco SD-Access Network Layer consist of and what are their roles?

1. Underlay Network Layer (Underlying network transporting data between network devices)
2. Overlay network Layer (Overlay network virtually connecting all network devices forming a fabric.)

What is the recommended design for the SD-Access Underlay Network?

A layer 3 Routed Access design using IS-IS as the IGP is the recommended approach.
IS-IS offers operational advantages such as neighbor establishment without IP dependencies, peering capability using loopback addresses and agnostic treatment of IPv4, IPv6 and non-IP traffic.
A Layer 2 underlay network running Spanning Tree is possible but not recommended.

What 2 models of underlay networks are supported?

1. Manual Underlay
Managed manually rather than by Cisco DNA Center. Allows customization of the network (another routing protocol, for example).

2. Automated Underlay
All aspects of the Underlay network are managed by Cisco DNA Center LAN Automation. It configures the IS-IS routed access campus design and other routing options. No customization possible.

What are the 3 basic planes of operation in the SD-Access Fabric?

1. Control Plane (Based on LISP)
2. Data Plane (Based on VXLAN)
3. Policy Plane (Based on Cisco TrustSec)

SD-Access Fabric refers to the Overlay Network, what is needed for it to be called SD-Access Fabric?

It needs to be managed automatically by Cisco DNA Center.
When the Overlay Network is managed manually it is called a Campus Fabric Solution.

What are several enhancements which Cisco SD-Access added to the original LISP specification?

1. Distributed Anycast Gateway
2. VN Extranet
3. Fabric Wireless

What is important to note about the SD-Access Fabric Data Plane, taking into account that LISP is used in the SD-Access Fabric Control Plane?

It uses VXLAN encapsulation for the Data Plane instead of LISP encapsulation.
This is because VXLAN supports encapsulating the original Ethernet header, thus supporting MAC-in-IP encapsulation.

What is different about the VXLAN specification for SD-Access?

It is enhanced to support Cisco TrustSec Scalable Group Tags (SGTs).
This is accomplished by adding new fields to the first 4 bytes of the VXLAN header to transport up to 64000 SGT tags.
The new format is called VXLAN Group Policy Option (VXLAN-GPO).

What are Cisco TrustSec Security Group Tags referred to as in Cisco SD-Access?

Scalable Group Tags

What is the SD-Access Fabric Policy Plane based on?

It is based on Cisco TrustSec. Cisco TrustSec SGT tags are assigned to users and devices.
Policies can then be applied on groups of users and devices that have the same tags.

What are 5 advantages to Cisco SD-Access provided by TrustSec SGT tags?

1. Support for both network-based segmentation using VNs (VRF instances) and group-based segmentation (Policies)

2. Network address-independent group-based policies based on SGT tags.

3. Dynamic enforcement of group-based policies, regardless of location.

4. Policy constructs over a legacy or third-party network using VXLAN

5. Extended policy enforcement to external networks (Cloud or datacenter) by transporting the tags using SGT Exchange Protocol (SXP)

What are the 5 basic device roles in the fabric overlay?

1. Control Plane Node (Contains settings, protocols and mapping tables.)

2. Fabric Border Node (Connects external Layer 3 network to the SD-Access Fabric)

3. Fabric Edge Node (Connects wired endpoints to the SD-Access fabric)

4. Fabric WLAN Controller (WLC) (Connects APs and wireless endpoints to the SD-Access fabric)

5. Intermediate Nodes (Intermediate routers or switches that don't provide an SD-Access Fabric role other than the underlay services)

What is a Fabric Control Plane Node?

It is a LISP map server/resolver with enhanced functions for SD-Access, such as fabric wireless and SGT mapping.
Maps all EID locations to the current fabric edge or border nodes.

What is a Fabric Border Node?

A Fabric Border Node is a LISP proxy tunnel router that connects external Layer 3 networks to the SD-Access fabric.

What 3 types of Fabric Border nodes are there?

1. Internal Border (Connects only to the known areas of the organization (WLC, Firewall, Datacenter))

2. Default Border (Connects only to unknown areas. With default route to reach internet or public cloud.)

3. Internal + Default Border (Connects to both internal well-known areas and external unknown areas)

What is special about the Fabric Wireless Controller and makes it different from a standard WLC?

The WLC itself is external to the fabric but does provide onboarding and mobility services for wireless clients connected to the SD-Access fabric.
It connects to the SD-Access fabric through an internal border node.
It also performs PxTR registrations to the fabric control plane (on behalf of the fabric edges) and can be thought of as a fabric edge for wireless clients.

What are the 3 main subsystems of the Controller Layer?

1. Cisco Network Control Platform
Integrated directly into Cisco DNA Center that provides all the underlay and fabric automation and orchestration services for the physical and network layers.

2. Cisco Network Data Platform
A data collection and analytics and assurance subsystem integrated directly into Cisco DNA Center.

3. Cisco Identity Services Engine (ISE)
Basic role is to provide all the identity and policy services for the physical and network layer.

The SD-Access Fabric management layer is provided by Cisco DNA Center. It groups tools in various Workflows, which 4 Workflows can be defined?

1. Cisco DNA Design Workflow

2. Cisco DNA Policy Workflow

3. Cisco DNA Provision Workflow

4. Cisco DNA Assurance Workflow

What are 4 design tools of the Cisco DNA Design Workflow?

1. Network Hierarchy (Geolocation, floorplan and Site IDs)

2. Network Settings (Network servers like DNS, DHCP etc and IP and Wireless management)

3. Image Repository (Software images, maintenance update and version compliance)

4. Network Profiles (LAN, WAN and WLAN connection profiles such as an SSID and apply them to sites)

What are 6 tools of the Cisco DNA Policy Workflow?

1. Dashboard

2. Group-based access control

3. IP-based access control

4. Application

5. Traffic Copy (E-R-SPAN)

6. Virtual Network

What are 4 tools of the Cisco DNA Provision Workflow?

1. Devices

2. Fabrics

3. Fabric Devices

4. Host Onboarding

What are 4 tools of the Cisco Assurance Workflow?

1. Dashboard

2. Client 360

3. Devices 360

4. Issues

In SD-Access, what is a Fusion router?

A Fusion router enables host connectivity to shared services like DHCP, DNS, NTP, ISE, WLCs and similar.
It does this by using VRF leaking across SD-Access Fabric Domains.
