Introduction: A License to Design

Date: Mar 5, 2023. Sample Chapter is provided courtesy of Cisco Press.

Martin J. Duggan, author of CCDE v3 Practice Labs: Preparing for the Cisco Certified Design Expert Lab Exam, explores what you can expect in the CCDE v3 Practice Exam.

Design methodology isn’t just focused on technology; an architect or designer also needs to focus on business priorities to bring true value to a solution. A design is often a compromise and has multiple constraints that are outside of the domain or scope of influence of an IT organization. To successfully deliver true value, a Cisco Certified Design Expert (CCDE) can be relied upon to assist organizations in seeing the bigger picture and interface between technical and business domains with their wealth of technical expertise and business acumen. Cisco’s CCDE certification has recently been updated to v3 to enhance the skillset of expert-level designers and architects to ensure the technical solutions businesses demand are able to meet the business and technical requirements in this increasingly complex world in which we live. The CCDE certification has been running since 2007 with a steadily growing niche community.

In comparison, the CCIE certification has been running since 1993, with numbers now being issued beginning from upward of #60,000. Reading between the lines, does this mean the CCDE certification is not as desirable or is considerably harder to achieve than the CCIE? Fortunately, the answer is “no” on both counts. It is a highly desirable vendor-agnostic (up to v3) certification, and candidates who are not dedicated to network design find it challenging to demonstrate that they possess the qualities that the certification stipulates in order to be successful. CCIE exams are mature and very specific within each track. You are openly informed which equipment and code you will be presented with and have a wealth of training material available to purchase with very specific blueprints to follow. The exam questions are also well-defined, and you have the ability to double-check your practical tasks to validate your success as you progress through the exam (configure X in order to achieve Y, and so on).

In contrast, the CCDE certification tests candidates on their experience to prove their status and validate their technical and business experience. It’s real world (what technology should customer X choose in order to satisfy requirement Y?). Passing the certification isn’t a case of studying technology or “labbing out” how protocols interact. I generally explain to candidates that in order to be successful in the CCDE lab, you actually need to be operating as a CCDE in your role on a day-to-day basis already. You just need to convince the Cisco testing engine. You’ve typically already achieved a CCIE certification to cover the technical aspects you will find in the CCDE lab, and your technical and business engagement experience in your design role is really what is going to differentiate you in the lab exam to be successful.

One of the biggest problems in achieving a Cisco expert-level certification is not knowing what you don’t know, so these labs are going to be the turning point in your preparation and will coach you in exam technique as well as design methodology. The labs presented in this book will help you focus on the “why,” as opposed to the “how,” which you may be more used to. This is absolutely crucial for the certification. Also, this is a first-class certification, and you have never seen anything like it previously, which is a credit to the creators. It was developed by the likes of Russ White and Bruce Pinsky, who have both been role models in my career and certification quest. Both are gurus, and having met them a number of times, I can tell you they are very nice chaps to boot.

The certification was developed as it became more and more apparent to the folks at Cisco that, even though they had been fundamental in assisting TAC by creating the CCIE program in order to implement and troubleshoot networks successfully, they actually didn’t have an expert level of designers to ensure that networks were designed correctly from the outset. Can a network scale? Where is the fault domain? Is modularity required? If these design fundamentals are achieved from the outset, then the concept of firefighting shouldn’t exist, and your IT team can be more productive while your customers will be content with stability and a network that can scale or divest without damaging the underlying business.

You need to effectively be “T” shaped in order to be successful with the CCDE certification. By this I mean, ideally, you should be operating currently as an IT architect and have a wide breadth of IT knowledge horizontally (high level and broad, covering many disciplines and fields, including business acumen) and depth of knowledge vertically (low level and specialized in a particular field; Layer 3 is a must). This is opposed to an IT specialist (think CCIE), who would typically be “I” shaped and primarily have the vertical knowledge and be an expert in his or her own field while lacking broader, wider knowledge.

A question that is posed to the CCDE community regularly is, Do I need to be a CCIE in order to become a CCDE? The answer that is generally given is “yes and no,” or as Cisco prefers to say, “it depends.” Having a CCIE is an advantage, but entering the exam with a CCIE mindset is not going to help you attain the CCDE certification. You may focus too closely on small issues (sweating the small stuff) and miss the bigger picture of what is being requested from you. The previous CCDE certification track owner Elaine Lopes summed this up nicely by saying, “don’t bring a knife to a gun fight!” Bring the right expertise and mindset to the exam, and you have a far higher chance of being successful. Achieving the CCDE certification is really about proving you have had the experience and possess the knowledge, experience, and intelligence to operate effectively with multiple business and technical constraints. Everyone I have met who has been working toward or who has passed the CCDE tells me they have grown considerably in their journey toward attaining the CCDE. Pass or fail, you are definitely going to learn new skills, grow your network, and enhance your career.

Cisco states the following: “Unlike the CCIE, which focuses on low-level network design and implementation, the CCDE validates your ability to work in the world of key stakeholders. Your CCDE certification proves your proficiency in the art of soliciting and documenting true requirements and then translating them into a high-level design for a complete solution that delights your stakeholders. The result? The business gets solutions that meet their requirements, fit their budget and schedule, and address today’s needs with a view to the future. You get all the glory. The CCDE enables you to design for the changing needs of a complex world.”

What’s New for CCDE v3?

A significant change to v3 is the delivery. The exam is now more aligned to a CCIE lab exam and administered and delivered in-house within Cisco, with identical pricing and scheduling to the CCIE lab. Initially up to six administrations of the exam are planned per calendar year, and results are delivered within 48 hours, which is a significant improvement over the legacy delivery. There is now an increased focus on business strategies and the resultant impact on designs, which can be challenging if a candidate is purely focused on technology in their day-to-day role. “Core” and “area of expertise” modules have now been introduced, which allow an expert in a specific field to leverage their experience in a final scenario, while the first three scenarios will be based around core competencies. Up until v3, the lab exam was purely vendor-agnostic, but Cisco-specific technologies may appear in area of expertise modules. At exam launch, the Area of Expertise options include the following:

  • On-prem and Cloud Services

  • Workforce Mobility

  • Large-Scale Networks

What’s Expected of Me in the Practical Exam?

You will need to show you can analyze design requirements based on real-world business scenarios and use this information to develop, implement, validate, and optimize network designs. You need to be skilled at reading comprehension, as you will be presented with a significant amount of background information that sets the scene of the scenario, information about the existing network, issues, and strategy, along with any relevant business information. You will have to find what is actually important from this information, which means skimming and taking notes or highlighting specific sections within the documents—points that could ultimately influence a design decision. Time is a big factor due to the quantity of information that grows as the scenario progresses, with new information in emails being presented to you. You will need to know what’s relevant to your design decision and where that information is in order to locate it quickly when required. There could be sections of a network presented within the exam that you are not familiar with; as such, you will need to be able to abstract and see any technology that you are not familiar with, or that is considered non-core to the syllabus, as a “black box.” In other words, have a flow or connection to it but don’t concern yourself with the complexity that lies inside.

Over the course of the eight-hour test, you will be presented with four separate scenarios (two before lunch and two after lunch). The first three scenarios will be based on core competencies, and the final will be the area of expertise module. Each scenario will include the following components:

  • Use cases: Use cases are going to be the main theme of the scenario where you will be performing one of the following:

    • Add technology/service: Here you could be adding a new application to an existing network or new technology such as VoIP, Wi-Fi, and so on. You will need to determine what you need to do to support this addition, including implementation and how it could affect the existing infrastructure/services.

    • Replace technology/service: Here you could be replacing a legacy technology/service currently running in the network. You will need to determine what you need to do to support this replacement, including the implementation plan and how it could affect the existing infrastructure/services.

    • Merge/divest: Here you could be merging or divesting businesses or departments and will need to determine how this can affect the legacy infrastructure and services.

    • Scaling: Here you will need to consider the ability of the network to grow with planned growth levels and organic growth while still functioning correctly. Will modularity be required, for example?

    • Greenfield: This is generally every architect’s best-case scenario; however, implementation will need to be planned, and you will usually need to consider migrating traffic or applications and how your design will cater for this.

    • Design failure: Here you are likely to be presented with a suboptimal network that has been designed poorly or has suffered from organic growth and is no longer functioning correctly. Your design will need to provide optimization and possibly introduce fault domains, scalability, and enhanced manageability. You could be asked to optimize and then redesign a network with all the necessary migration steps factored into your implementation plan.

  • Design lifecycle: These are the actual questions you will be presented with. You will need to analyze, design, and create an implementation plan as well as validate and optimize throughout the scenario.

  • Technologies: These are the technologies you will need to be proficient in so you can make a valid design decision based on requirements and constraints presented to you within the scenario. The supplied blueprint is the place to check which technologies you should be proficient in, but ultimately you need to be an expert in Layer 3 protocols to be successful.

Exam Technique

It took me a while to realize this, but I discovered I couldn’t guarantee I would pass the exam based purely on my technical ability, business acumen, and experience. I have been fortunate enough to work in both service provider and enterprise fields in multiple disciplines, but the lab exam is intense, and it takes some strategy to guarantee success. Here are some pointers I learned from my journey that will help you:

  • There will be a four-hour countdown timer leading up to the lunch break, and another one after lunch. You have two scenarios in the morning and two in the afternoon. There are progress bars for each scenario showing you, as a percentage, how far through the scenario you are. Aim to allocate two hours for each scenario, but don’t get preoccupied by the time. It’s going to take approximately 15 minutes at the beginning of each scenario to read the background information and make any relevant notes that could affect your design decisions. Therefore, it might look like you are running behind initially. You could go over a little in your first scenario in the morning or after lunch if it is particularly challenging, but it’s a risky strategy.

  • You can highlight information in the background information/exhibits using different colors. This can be very useful to highlight specific constraints or information that will undoubtedly influence a design decision. Using different colors for different subject areas can be advantageous and speed up locating the information when required. Use the labs in this book to practice pulling out relevant information and have a scheme in mind if you plan to use the highlighter in the exam; maybe use blue for constraints, red for security requirements, or whatever allows you to go back and find relevant information efficiently.

  • You will be supplied with plastic sheets on which to make notes during the exam. If you don’t want to search through documents for valuable information, you may prefer to simply write down relevant facts and have them immediately at hand without searching through multiple documents and rereading highlighted text, for example. These notes can be hard to read and put back into context, though, and they will take valuable time to actually write, so really try to limit the information you jot down here. The same is true for the notepad available within the desktop you are using.

  • As in many Cisco exams, you can’t go back in terms of questions (you can check exhibits and emails as often as you like, though). You may be presented with some information that states a customer made a specific design decision as a level set that may then influence an earlier decision you made. Don’t worry if the decision didn’t match your choice, as you may have made the right choice even if the customer went in another direction. Just carry on with the next question.

  • You will get bombarded with new information, such as exhibits and emails. This can be hard to keep track of, but you need to read this information, as it is crucial and will affect your design decision. Make sure you don’t have any exhibits minimized at the risk of not seeing the contents.

  • Stay connected to the scenario; it will shift in direction and technology, but you need to stay engaged and look at the bigger picture rather than answer each question in a solitary manner. Remember, it’s the same fictitious company going through a series of design challenges over a period of time.

  • If you feel you don’t have sufficient information to answer a question, you need to go back and look at your background information/exhibits. This is definitely not a guessing game; you are making informed decisions and not assumptions.

  • Best practice is useful, but there may be a reason why you would do something differently in the exam. Have best practice in mind, but don’t let it completely influence your design decision.

  • You may be asked to fill in tables with missing information. These can be quite daunting. Just make sure you only fill in columns that are actually required. The instructions should be quite clear.

  • You may be asked how you would implement a solution or migrate to a new one. If so, there will likely be multiple steps involved that you are required to place into a specific order. These can be seen as the hardest questions due to the number of variables, but typically there is only one way or a limited number of ways you can achieve the correct order, so practice in these labs and think about how you have delivered projects as part of your role. When you break it down to its simplest form, just be sure you don’t add a step that “breaks something before it makes something”!

  • There is a comment button, and all comments are read by the team. The clock is still ticking, though, so you need to decide how important your comment is going to be. Exams are very well written and verified, so it is very unlikely you will spot an error. However, if you are confident you have seen an issue, it’s worth making a quick comment.

  • Take a break between each scenario, unless you are seriously behind. You need to reset and tackle the next scenario as a completely new exam with a clear head.

  • Consider wearing noise-suppressing headphones if your testing center has them available so you are not interrupted and can focus.

  • Russ White advises focusing on the “why” rather than the “how.”

  • If you go into the exam and tackle it as a CCIE, you will be leaving as a CCIE.

What Should I Study?

This is a question that is posed to everyone who is successful, and each one has a different take on it. Clearly you need to be proficient in the blueprint topics, but if there is one thing you should spend significant time on, I would say Layer 3. You need to know open standard routing protocols inside and out—which one would be suitable for a particular application and which one wouldn’t, how it affects the design if you need to modify areas and zones, how to create failure domains and summarize, and so on. Unfortunately, there is no single book to read. Remember, Cisco expects you to be operating as an architect/designer and have multiple years of experience.

The following list should provide insight into where you should consider investing your study time:

  • Cisco Live: Attend the CCDE Tectorial to attempt an example lab during the session and search for design sessions, including areas of technology where you are weakest. If you cannot attend in person, watch the videos to get the most from the recorded sessions (you will always learn more than you would by just reading the presentations).

  • Cisco Press: Look for design-based publications and architecture. Anything from Russ White and Definitive MPLS Network Designs is a must due to the way the author presents the networks in a similar manner to how the scenarios in the exam are presented with background information.

  • Study groups: Form your own study group or see if you can join an existing one in order to discuss technologies or work through labs you have purchased together. Also, you can discuss methodologies/technology choices, offer to discuss your area of expertise, and learn from others discussing theirs.

  • Cisco-validated designs: Read up on designs for different network zones, learn why a design is being recommended, and think about scalability, manageability, speeds and feeds, failure domains, and convergence.

  • Unleashing CCDE: Read blogs created by the CCDE team and CCDEs in the community. Aim to write one yourself when you have passed!

  • Bootcamps: If you still feel you aren’t ready, there are legitimate vendors operating in this space. Ask the community for advice to see which may offer the best value for you based on your own background.

Remember, gaining the CCDE is a journey. It’s going to take time, and you might not be successful initially.

Prerequisites

There are no formal prerequisites for taking the CCDE, but you should have a thorough understanding of the exam topics before taking the exam.

CCDE candidates are recommended to have five to seven years of experience with designing and architecting network solutions, as well as engaging in other related activities, such as pre-sales work.

You will need to pass the 400-007 CCDE written exam prior to attempting the CCDE lab exam. The written exam validates High-Level Design (HLD) aspects as well as business requirements within the context of enterprise network architecture. The exam is a two-hour, multiple-choice test with 90 to 110 questions that focus on core enterprise network architecture HLD aspects. The exam serves as a prerequisite for the CCDE practical exam and will continue to be available as a means of recertifying your expert-level and lower certifications. The exam is closed book, and no outside reference materials are allowed.

CCDE Practical Exam v3: Blueprints and Exam Weighting

1.0 Business Strategy Design (15%)

1.1 Impact on network design, implementation, and optimization using various customer project management methodologies (for instance, waterfall and agile)

1.2 Solutions based on business continuity and operational sustainability (for instance, RPO, ROI, CAPEX/OPEX cost analysis, and risk/reward)

2.0 Control, data, management plane and operational design (25%)

2.1 End-to-end IP traffic flow in a feature-rich network

2.2 Data, control, and management plane technologies

2.3 Centralized, decentralized, or hybrid control plane

2.4 Automation/orchestration design, integration, and on-going support for networks (for instance, interfacing with APIs, model-driven management, controller-based technologies, evolution to CI/CD framework)

2.5 Software-defined architecture and controller-based solution design (SD-WAN, overlay, underlay, and fabric)

3.0 Network Design (30%)

3.1 Resilient, scalable, and secure modular networks, covering both traditional and software-defined architectures, considering:

3.1.a Technical constraints and requirements

3.1.b Operational constraints and requirements

3.1.c Application behavior and needs

3.1.d Business requirements

3.1.e Implementation plans

3.1.f Migration and transformation

4.0 Service Design (15%)

4.1 Resilient, scalable, and secure modular network design based on constraints (for instance, technical, operational, application, and business constraints) to support applications on the IP network (for instance, voice, video, backups, data center replication, IoT, and storage)

4.2 Cloud/hybrid solutions based on business-critical operations

4.2.a Regulatory compliance

4.2.b Data governance (for instance, sovereignty, ownership, and locale)

4.2.c Service placement

4.2.d SaaS, PaaS, and IaaS

4.2.e Cloud connectivity (for instance, direct connect, cloud on ramp, MPLS direct connect, and WAN integration)

4.2.f Security

5.0 Security Design (15%)

5.1 Network security design and integration

5.1.a Segmentation

5.1.b Network access control

5.1.c Visibility

5.1.d Policy enforcement

5.1.e CIA triad

5.1.f Regulatory compliance (if provided the regulation)

CCDE Practical Exam v3: Core Technology List

The following is a list of technologies associated with both the CCDE v3 written exam and the CCDE v3 practical exam. Candidates are expected to have a deep understanding of these technologies. Each of these technologies may appear in any delivery of the exam.

1.0 Transport Technologies

1.1 Ethernet

1.2 CWDM/DWDM

1.3 Frame relay (migration only)

1.4 Cellular and broadband (as transport methods)

1.5 Wireless

1.6 Physical mediums, such as fiber and copper

2.0 Layer 2 Control Plane

2.1 Physical media considerations

2.1.a Down detection

2.1.b Interface convergence characteristics

2.2 Loop detection protocols and loop-free topology mechanisms

2.2.a Spanning tree types

2.2.b Spanning tree tuning techniques

2.2.c Multipath

2.2.d Switch clustering

2.3 Loop detection and mitigation

2.4 Multicast switching

2.4.a IGMPv2, IGMPv3, MLDv1, MLDv2

2.4.b IGMP/MLD Snooping

2.4.c IGMP/MLD Querier

2.5 Fault isolation and resiliency

2.5.a Fate sharing

2.5.b Redundancy

2.5.c Virtualization

2.5.d Segmentation

3.0 Layer 3 Control Plane

3.1 Network hierarchy and topologies

3.1.a Layers and their purposes in various environments

3.1.b Network topology hiding

3.2 Unicast routing protocol operation (OSPF, EIGRP, ISIS, BGP, and RIP)

3.2.a Neighbor relationships

3.2.b Loop-free paths

3.2.c Flooding domains

3.2.d Scalability

3.2.e Routing policy

3.2.f Redistribution methods

3.3 Fast convergence techniques and mechanism

3.3.a Protocols

3.3.b Timers

3.3.c Topologies

3.3.d Loop-free alternates

3.4 Factors affecting convergence

3.4.a Recursion

3.4.b Micro-loops

3.5 Route aggregation

3.5.a When to leak routes / avoid suboptimal routing

3.5.b When to include more specific routes (up to and including host routes)

3.5.c Aggregation location and techniques

3.6 Fault isolation and resiliency

3.6.a Fate sharing

3.6.b Redundancy

3.7 Metric-based traffic flow and modification

3.7.a Metrics to modify traffic flow

3.7.b Third-party next hop

3.8 Generic routing and addressing concepts

3.8.a Policy-based routing

3.8.b NAT

3.8.c Subnetting

3.8.d RIB-FIB relationships

3.9 Multicast routing concepts

3.9.a General multicast concepts

3.9.b MSDP/anycast

3.9.c PIM

4.0 Network Virtualization

4.1 Multiprotocol Label Switching

4.1.a MPLS forwarding and control plane mechanisms

4.1.b MP-BGP and related address families

4.1.c LDP

4.2 Layer 2 and 3 VPN and tunneling technologies

4.2.a Tunneling technology selection (such as DMVPN, GETVPN, IPsec, MPLS, GRE)

4.2.b Tunneling endpoint selection

4.2.c Tunneling parameter optimization of end-user applications

4.2.d Effects of tunneling on routing

4.2.e Routing protocol selection and tuning for tunnels

4.2.f Route path selection

4.2.g MACsec (802.1ae)

4.2.h Infrastructure segmentation methods

4.2.h.i VLAN

4.2.h.ii PVLAN

4.2.h.iii VRF-Lite

4.3 SD-WAN

4.3.a Orchestration plane

4.3.b Management plane

4.3.c Control plane

4.3.d Data plane

4.3.e Segmentation

4.3.f Policy

4.3.f.i Security

4.3.f.ii Topologies

4.3.f.iii Application-based routing

4.4 Migration techniques

4.5 Design considerations

4.6 QoS techniques and strategies

4.6.a Application requirements

4.6.b Infrastructure requirements

4.7 Network management techniques

4.7.a Traditional (such as SNMP, SYSLOG)

4.7.b Model-driven (such as NETCONF, RESTCONF, gNMI, streaming telemetry)

4.8 Reference models and paradigms that are used in network management (such as FCAPS, ITIL, TOGAF, and DevOps)

5.0 Security

5.1 Infrastructure security

5.1.a Device hardening techniques and control plane protection methods

5.1.b Management plane protection techniques

5.1.b.i CPU

5.1.b.ii Memory thresholding

5.1.b.iii Securing device access

5.1.c Data plane protection techniques

5.1.c.i QoS

5.1.d Layer 2 security techniques

5.1.d.i Dynamic ARP inspection

5.1.d.ii IPDT

5.1.d.iii STP security

5.1.d.iv Port security

5.1.d.v DHCP snooping

5.1.d.vi IPv6-specific security mechanisms

5.1.d.vii VACL

5.1.e Wireless security technologies

5.1.e.i WPA

5.1.e.ii WPA2

5.1.e.iii WPA3

5.1.e.iv TKIP

5.1.e.v AES

5.2 Protecting network services

5.2.a Deep packet inspection

5.2.b Data plane protection

5.3 Perimeter security and intrusion prevention

5.3.a Firewall deployment modes

5.3.a.i Routed

5.3.a.ii Transparent

5.3.a.iii Virtualization

5.3.a.iv Clustering and high availability

5.3.b Firewall features

5.3.b.i NAT

5.3.b.ii Application inspection

5.3.b.iii Traffic zones

5.3.b.iv Policy-based routing

5.3.b.v TLS inspection

5.3.b.vi User identity

5.3.b.vii Geolocation

5.3.c IPS/IDS deployment modes

5.3.c.i In-line

5.3.c.ii Passive

5.3.c.iii TAP

5.3.d Detect and mitigate common types of attacks

5.3.d.i DoS/DDoS

5.3.d.ii Evasion techniques

5.3.d.iii Spoofing

5.3.d.iv Man-in-the-middle

5.3.d.v Botnet

5.4 Network control and identity management

5.4.a Wired and wireless network access control

5.4.b AAA for network access with 802.1X and MAB

5.4.c Guest and BYOD considerations

5.4.d Internal and external identity sources

5.4.e Certificate-based authentication

5.4.f EAP chaining authentication method

5.4.g Integration with multifactor authentication

6.0 Wireless

6.1 IEEE 802.11 standards and protocols

6.1.a Indoor and outdoor RF deployments

6.1.a.i Coverage

6.1.a.ii Throughput

6.1.a.iii Voice

6.1.a.iv Location

6.1.a.v High density / very high density

6.2 Enterprise wireless network

6.2.a High availability, redundancy, and resiliency

6.2.b Controller-based mobility and controller placement

6.2.c L2/L3 roaming

6.2.d Tunnel traffic optimization

6.2.e AP groups

6.2.f AP modes

7.0 Automation

7.1 Zero-touch provisioning

7.2 Infrastructure as Code (tools, awareness, and when to use)

7.2.a Automation tools (for instance, Ansible)

7.2.b Orchestration platforms

7.2.c Programming language (for instance, Python)

7.3 CI/CD Pipeline

CCDE Practical Exam v3: On-Prem and Cloud Services Technology List

The technologies shown in this document are associated with the On-prem and Cloud Services area of expertise of the CCDE v3 practical exam. Candidates are expected to have a deep understanding of these technologies. Each of these technologies may appear in any delivery of the exam.

Note: The technologies listed here are in addition to the technologies listed in the CCDE Core Technology list.

1.0 Transport Technologies

1.1 Data Center Interconnect options

2.0 Layer 3 Control Plane

2.1 Inter-fabric connectivity, such as multipod, multisite

2.2 External connectivity for on-prem and cloud

2.3 Multi-cloud network architecture

3.0 Network Virtualization

3.1 Overlay

3.1.a Management plane

3.1.b Control plane

3.1.c Data plane (such as VXLAN, MPLS)

3.1.d Segmentation

3.1.e Policy

3.1.e.i Security

3.1.e.ii Topologies

3.1.e.iii Data center interconnect

3.1.e.iv Multiple site strategy

3.1.e.v Service insertion

3.2 Virtual Networking

4.0 Automation

4.7 Deployment models

4.7.a Bare metal

4.7.b VM

4.7.c Microservices

5.0 Data Center

5.1 Storage

5.1.a Physical topology

5.1.b QoS requirements

5.1.c FC and FCoE

5.1.c.i Zoning

5.1.c.ii Trunking

5.1.c.iii Link aggregation

5.1.c.iv Load balancing

5.1.d iSCSI

5.1.d.i Authentication

5.1.d.ii Multipathing

5.2 Application delivery

5.2.a Load balancer deployment modes

5.3 Compute

5.3.a UCS blade integration

5.3.b UCS rack server integration

5.3.c HyperFlex integration

5.4 Compute connectivity

5.4.a SAN/LAN uplinks

5.4.b Port modes

CCDE Practical Exam v3: Workforce Mobility Technology List

The technologies listed in this document are associated with the Workforce Mobility area of expertise of the CCDE v3 practical exam. Candidates are expected to have a deep understanding of these technologies. Each of these technologies may appear in any delivery of the exam.

Note: The technologies listed here are in addition to the technologies listed in the CCDE Core Technology list.

1.0 Security

1.1 Network control and identity management

1.1.a Cisco ISE

2.0 Wireless

2.1 Enterprise wireless network

2.1.a WLAN architectures

2.1.a.i Centralized

2.1.a.ii Distributed

2.1.b Roaming optimizations

2.1.c Mesh network architecture

2.1.d RF and radio design

2.1.d.i Channel planning

2.1.d.ii Channel width

2.1.d.iii Spatial streams

2.1.d.iv Radio Resource Management

2.1.d.v Client considerations, such as transmit power, RSSI, SNR

2.1.e Antenna types

2.2 Regulatory domains

2.3 Site survey

2.3.a Floor maps

2.3.b Coverage requirements

2.3.c Building materials

2.3.d Attenuation

2.3.e Interferences

2.3.f Capacity planning

2.3.g AP cell areas

2.3.h Wired network

2.3.h.i PoE

2.3.h.ii Switch port capacity

2.3.h.iii Uplink capacity

2.3.i Outdoor/indoor locations

2.3.j Survey types

2.3.j.i Walkthrough

2.3.j.ii Predictive

2.3.j.iii Active

2.3.j.iv Passive

2.3.k Heat maps

2.4 Requirement gathering and analysis

2.4.a Areas of coverage

2.4.a.i Expected coverage per area

2.4.a.ii Client density

2.5 Multicast over wireless

2.6 mDNS

2.7 Location services and solutions

2.7.a RTLS

2.7.b DNA Spaces

2.7.b.i Analytics

2.8 Automation, Assurance, Insights, and Telemetry (Legacy and DNAc)

2.8.a AVC/NetFlow

2.8.b DNAc

CCDE Practical Exam v3.0: Large-Scale Networks Technology List

The technologies shown in this document are associated with the Large-Scale Networks area of expertise of the CCDE v3 practical exam. Candidates are expected to have a deep understanding of these technologies. Each of these technologies may appear in any delivery of the exam.

Note: The technologies listed here are in addition to the technologies listed in the CCDE Core Technology list.

1.0 Transport Technologies

1.1 Carrier Ethernet

1.2 Ring-based (such as SONET/SDH, OTU)

1.3 Frame relay (migration only)

1.4 Wireless (including satellite links, microwave links)

1.5 Optical

2.0 Layer 2 Control Plane

2.1 Loop detection protocols and loop-free topology mechanisms

2.1.a REP

2.2 Transport mechanisms and their interaction with routing protocols over different link types

3.0 Layer 3 Control Plane

3.1 Factors affecting convergence

3.1.a Transport

3.2 Generic routing and addressing concepts

3.2.a Large-scale NAT

3.3 Multicast routing concepts

3.3.a Multicast delivery/implementation models

3.3.b mVPN

4.0 Network Virtualization

4.1 Multiprotocol Label Switching

4.1.a Segment routing

4.1.b LDP and SR interworking

4.1.c MPLS traffic engineering

4.2 QoS techniques and strategies

4.2.a End-user requirements

4.2.b DiffServ

4.2.c IntServ

4.3 EVPN

4.3.a Management plane

4.3.b Control plane

4.3.c Data plane (such as VXLAN, MPLS, PBB)

4.3.d Segmentation

4.3.e Policy

4.3.e.i Security

4.3.e.ii Topologies

4.3.e.iii Multiple site strategy

5.0 Security

5.1 Infrastructure security

5.1.a Data plane protection techniques

5.1.a.i uRPF

5.1.a.ii RTBH

6.0 Automation

6.1 Lifecycle management/closed-loop automation

CCDE Practical Exam v3.0: Business Information

The CCDE candidate needs to possess some business acumen. Typically, a CCDE will be an interface to the customer CTO and business leaders, translating business requirements into technical solutions. If this area is new to you, I would suggest you investigate the following business areas at a high level:

  • Values

  • Strategy

  • Vision

  • Mission

  • Objectives

  • Goals

  • Operations

  • Value Proposition

  • Return on Investment (ROI)

  • Business Innovation

  • Business Disruption

  • Total Cost of Ownership (TCO)

  • Capital Expenditure (CAPEX)

  • Operational Expenditure (OPEX)

The Labs Presented in This Book

Treat the following three labs as if you were taking the real exam. Aim to get them completed individually within the two-hour limit, but don’t worry if they run longer, as they are arguably slightly more difficult than the real exam (this is part of my “train hard and race easy” methodology). The most important thing to consider is that you will gain the maximum value from each lab by taking it after you feel you have completed your study plan. Quite simply, you need to put everything into practice that you have learned. Reference the technology and exam technique to see if you are ready to take the real exam. If you identify some specific areas of technology you may be weaker in, go back and study them prior to taking the real exam. Don’t be tempted to work through the debrief to see what was expected of you from each lab until you have actually taken the lab under exam conditions. Labs are extremely difficult and time-consuming to create to ensure reality, complexity, and flow. There are very few on the market, so you will need to maximize the benefit of each lab you take.

Consider highlighting the relevant text in the actual book using multiple colors or making a separate note of requirements, constraints, or general information you feel may be of value in order to make an informed design decision. Due to the printing of the book, you might be able to see a subsequent question on an adjacent page, so I would recommend covering up pages as you progress through the lab questions.

These labs do actually reset you along a correct path if you have inadvertently chosen a technology that is not appropriate for the design. Don’t be disheartened if you don’t score as well as you thought you would when you run through the debrief, as this is practice after all. Just aim to improve your technique with each lab so that by the final one you are eager to go and know what to expect and, more importantly, how to deal with it during your real lab exam.

Final Advice

I attended the CCDE Cisco Live Techtorial in Berlin prior to my success and booked one-on-one time with Elaine Lopes and Yuri Lukin, who were heading up the CCDE certification team at that time. The whole team was really accessible, and they were very keen to offer help and advice. This was invaluable for me—and a turning point. I learned not to be too hasty in my decisions and not to answer the questions based on the facts in front of me but to scan the documents when something wasn’t clear. I was missing clues and needed to be neater in marking what was really important. My technical ability was at the correct level, however. The distracters in the questions are so well thought out that you really have to fully absorb the scenario and the requirements presented within it to be successful.

Possibly the most useful resource for me was being part of a study group that my friends Daniel Dib and Kim Pedersen started. We pretty much had the dream team in our study group. We were blessed with the presence of Russ White, the “daddy” of the CCDE exam, and I was able to ask him questions around the logic of OSPF ABR placement from one of his books, as it was puzzling me. He even gave me some brilliant last-minute advice: “read the question,” he said! It proved to be simple and sound advice, which made me laugh at the time. I made sure I did read each question, at least twice. I had even filled in a table with multiple answers when I remembered the advice and read the question again and found I only needed to check one box on one column, but actually had completed two (thanks Russ!).

If you are more than an hour away from the test center, booking a hotel for the night before would be a smart move. You don’t need the stress of travelling far on the same day. By taking the labs in this book and working through the debrief material, you will be in a far better position and won’t have any surprises on the day.

The practical exam is very tough, but it is fair and achievable. This is what makes it so desirable. If it is your goal or ambition to become CCDE certified, you are very likely to reach it. If you are thinking, “I’ll give it a shot, as I’ve been in the industry for 10 years and design on a daily basis,” then don’t be surprised if you don’t get your number immediately. Just remember that if you don’t pass on your first or second or even third attempt, you haven’t actually failed. You will only have failed if you give up. The exam has to beat you every time, but you only have to beat it once to get your number. It has also occurred to me that if you can’t explain a technology or how a solution functions or scales to a friend who isn’t necessarily even technical, then you don’t actually know that technology. It’s a case of turning your weaknesses into your strengths. For instance, if you are a guru with IS-IS but have no real-world experience of how EIGRP may perform better in certain topologies, it’s time to get the books out or speak to your study group. Be prepared for give and take from your group. Play devil’s advocate to question others and offer to run a study session for your group in your area of expertise. The sum of your group’s expertise will be invaluable. Even if you don’t get your number, you will grow from the experience.

The exam itself is quite simply a credit to its creators. Most people don’t realize the effort that goes into keeping the scenarios realistic, fresh, and protected. The team behind it is brilliant. The distracters are just so good—sometimes you see five correct answers in front of you, but only one will be appropriate to the customer and the scenario, even if not your favorite. Therefore, you just need to connect the dots and find the important requirements that, when matched with your knowledge and experience, will take you to the correct answer.

Put the books down for a few days prior to the exam. Spend time with your loved ones and be energized for the exam. Take your full break on the testing day, and pace your time. The exam status bar you will see throughout your scenarios is actually your friend, not your enemy.

You are going to need some endurance to complete four scenarios in a day. Practice with as many labs as you can as if you were taking your CCIE lab. I like to cycle, and I found I could clear my head and be energized for a long study session after a ride. I certainly couldn’t run an eight-hour study session, but I could easily manage four two-hour ones.

Use the following advice as you work through the labs presented in this book and your real exam, and you should have a good chance of gaining your number. Good luck!

  • Read the question.

  • Connect with the scenario.

  • Take time to analyze the existing environment.

  • Look for missing information.

  • Know what information you already have.

  • Don’t only base your answer on best practices.

  • Do not make assumptions.

  • Only make fact-based decisions.

  • Work on your weaker technology areas.

  • Maintain a high-level approach.

  • Think as a network architect/designer, not as a CCIE.

  • Focus on the “why”!