IMINS2 v1.0 - Managing Industrial Networks for Manufacturing with Cisco Technologies

Networking/Server/Operating Systems
Schedules
Optional
  LearnITAnytime Online Subscription (1 Year Subscription - $195.00)
  IT Online Library (1 Year Subscription - $1595.00)
  Private Mentoring 3 Hours ($225)
Quantity
If quantity is more than 1, Please add all Attendees' Names /Voucher #/ Learning Credit below separated with a comma. If not specified, we will contact you prior to the class start date. Special Instructions

Description

Managing Industrial Networks for Manufacturing with Cisco? Technologies (IMINS2) Version 1.0 is a lab intensive course, which helps students with the skills required to successfully implement and troubleshoot the most common industry standard protocols while leveraging best practices needed in Security and Wireless technologies for today's industrial networks. The IMINS2 course, developed in conjunction with Rockwell Automation, helps plant administrators, control system engineers and traditional network engineers in the manufacturing, process control, and oil and gas industries, who will be involved with the convergence of IT and Industrial networks. This course also helps you prepare for the Managing Industrial Networks for Manufacturing with Cisco Technologies Certification exam (exam ID 200-601) and (having completed required prerequisites) qualify for the Cisco Certified Network Associate Industrial (CCNA Industrial) certification.

This course is job-role specific and enables you to achieve competency and skills to configure, maintain, and troubleshoot industry standard network protocols as well as wireless and security technologies to ensure that current infrastructures are maximized while developing a converged platform for flexibility to support future business outcomes. Students will be exposed to multiple industrial network technologies as well as products from Cisco and other industrial suppliers including Rockwell Automation.

To participate in the hands-on labs in this class, you need to bring a laptop computer with the following:

  • Windows 7 or 8.1 or 10 is recommended. Mac OSX 10.6 or greater is supported as well.
  • Intel Celeron or better processors are preferred.
  • 1 GB or more of RAM
  • Browser Requirements: Internet Explorer 10 or greater or Mozilla Firefox. (Safari and Mozilla Firefox for Mac OSX)
  • All students are required to have administrator rights to their PCs and cannot be logged in to a domain using any Group Policies that will limit their machine's capabilities.
  • If you do not have administrator rights to your PC, you at least need permissions to download, install, and run Cisco Any Connect Client.
  • If you are participating in a WebEx event, it is highly recommended to take this class at a location that has bandwidth speeds at a minimum of 1 Mbps bandwidth speeds.

Objectives

By the end of this course, you will achieve the following objectives:

  • Understand the Functions of the OSI Layers and TCP/IP Model and Recognize the Difference between Enterprise and Industrial Networks
  • Troubleshoot Common Issues Found in Layers 1, 2, 3 of the OSI Model
  • Describe the Functions and Components of Ethernet/IP Protocols
  • Configure and Troubleshoot CIP on Cisco and Stratix Switches
  • Describe the Functions and Components of the PROFINET Protocol
  • Configure PROFINET Protocols on Cisco Industrial Ethernet Devices
  • Troubleshoot Common PROFINET Issues
  • Identify Common Network Threats and Resolutions and Configure Basic Security Components (Access Lists and AAA Features)
  • Configure a Wireless Network within an Industrial Environment

Prerequisites

The knowledge and skills that a learner must have before attending this course are as follows:

  • Describe network fundamentals and build simple LANs
  • Establish Internet connectivity
  • Manage network device security
  • Expand small- to medium-sized networks with WAN connectivity
  • Describe IPv6 basics
  • Identify Cisco industrial networking solutions
  • Describe Cisco Industrial Ethernet switches, Rockwell Automation Stratix switches, and Cisco Connected Grid switches and routers
  • Interpret design and drawings
  • Recognize zone and cell topologies
  • Install industrial network components
  • Deploy industrial network components
  • Perform basic maintenance tasks on the network
  • Troubleshoot network and control issues

Who Should Attend

This course is designed for IT and operations technology (OT) professionals and control engineers who will be involved with the installation, configuration, and troubleshooting of networked industrial products and solutions for the following industries:

  • Manufacturing
  • Process control
  • Oil and gas
  • Other industries as applicable

Outline

Module 1: Industrial Networking Concepts and Components

    Lesson 1: Contrasting Enterprise and Industrial Environments
    • Industrial Ethernet Architecture
    • IACS Network Design Requirements
    • CPwE Composition
    • Summary


    Lesson 2: Configuration Tools for Industrial Ethernet Switches

    • Industrial Ethernet Switch Types
    • Industrial Ethernet CLI Tools
    • Industrial Ethernet GUI Tools
    • Summary


    Lesson 3: Exploring Layer 2 Considerations

    • Unicast, Multicast, and Broadcast Overview
    • Planning VLANs for the Industrial Network
    • 802.1q VLAN Trunking
    • Discovery 1: Plan and Configure VLANs
    • Smartports Macros
    • Summary


    Lesson 4: Layer 2 Resiliency Using Spanning Tree Protocol

    • Layer 2 Resiliency in the IACS Network.
    • Managing Spanning Tree Protocol
    • Types of Spanning Tree Protocols
    • Spanning Tree Operation Review
    • Discovery 2: Verify and Configure STP Settings
    • Changing STP Priority
    • Discovery 3: Configuring the STP priority
    • Discovery 4: STP Path Manipulation
    • PVRST+ Configuration
    • RSTP Port Roles
    • Spanning-Tree Port Types and States
    • PortFast Configuration
    • Verifying PVRST+
    • Introducing MSTP
    • Implementing MSTP
    • Summary


    Lesson 5: Layer 2 Resiliency Considerations

    • Unidirectional Link Failure
    • Configuring UDLD
    • FlexLinks in the Access Layer
    • Configuring Link Aggregation using Etherchannel
    • Describe EtherChannel
    • Configuring Port Channels Using EtherChannel
    • Verify EtherChannel
    • Resilient Ethernet Protocol
    • Discovery 5: Switch Alarm Configuration
    • Discovery 6: Configure Power Supply Alarm to Monitor Dual Power Supplies
    • Discovery 7: Configure and Apply Alarm Profile to Port
    • Interface Storm Control
    • Summary


    Lesson 6: Layer 2 Multicast Control and QoS

    • Multicast Traffic Management
    • Layer 2 Traffic Forwarding Review
    • Multicast Addressing
    • Internet Group Management Protocol
    • IGMP Snooping
    • Configuring IGMP and IGMP Snooping
    • Verify IGMP and IGMP Snooping
    • Layer 2 Quality of Service in the IACS
    • Configuring QoS in the IACS
    • Summary


    Lesson 7: Exploring Layer 3 Considerations

    • IP Address usage in the IACS
    • IP Routing Overview
    • Dynamic Routing Protocol Overview
    • Classful vs. Classless routing protocols
    • Discovery 8: Configure and Verify Static Route
    • Discovery 9: Configure Static IP route
    • Discovery 10: Configure Static default IP route
    • Traditional Network Address Translation
    • Layer 2 Network Address Translation
    • Discovery 11: Configure and Verify Layer 2 NAT
    • VRF Lite
    • Summary


    Lesson 8: Module SummaryLesson 9: Module Self-Check

Module 2: General Troubleshooting Issues

    Lesson 1: Troubleshooting Methodologies
    • Troubleshooting Method
    • Common Troubleshooting Approaches
    • Built-in IOS Troubleshooting Tools
    • CPU Utilization
    • Troubleshoot Memory Issues
    • Network Management System (NMS)
    • View Syslog
    • Read Log Messages
    • Summary


    Lesson 2: Troubleshooting Layer 1

    • Knowledge as a Tool
    • Media Testing Tools
    • Troubleshooting Physical Media
    • Show Interface Error Counters
    • Troubleshoot Copper Cables
    • Summary


    Lesson 3: Troubleshooting Layer 2 Issues

    • Layer 2 Troubleshooting Tools
    • Troubleshooting Endpoint Device Connectivity
    • Troubleshooting Inter-Switch Connectivity
    • Troubleshoot STP Topology
    • Troubleshooting REP
    • Troubleshoot Error Disabled Ports
    • Common Layer 2 Issues
    • Configuration Issues
    • Traffic Issues
    • Switch Hardware Failure
    • Summary


    Lesson 4: Troubleshooting Layer 3 Issues

    • Layer 3 Troubleshooting Tools
    • Identify Layer 3 Routes
    • Determine the Communication Path
    • Nonfunctional Network Nodes
    • Troubleshoot Packet Loss
    • Perform a Packet Capture
    • Information About SPAN and RSPAN
    • Summary


    Lesson 5: Module Summary

    • References


    Lesson 6: Module Self-Check

Module 3: Ethernet/IP

    Lesson 1: Exploring Ethernet/IP Communications
    • Exploring EtherNet/IP Communications
    • CIP
    • EtherNet/IP
    • CIP Protocol Characteristics
    • CIP Connection Types
    • Object Modeling
    • CIP Communications
    • CIP Messaging
    • CIP Models
    • Producer/Consumer Model
    • Unicast vs. MulticastFactors
    • CIP Data Flow Consumer
    • Consumer and Producer I/O Communications
    • Summary


    Lesson 2: Exploring Hardware Capabilities

    • EtherNet/IP Endpoints
    • Implicit vs. Explicit Messaging
    • CIP I/O Connections
    • ControlLogix Redundancy
    • Device Profiles
    • I/O Assembly Instances
    • Add-On Profiles
    • Produced/Consumed Tags
    • I/O Connections
    • Optimizing RPI
    • EtherNet/IP Considerations
    • Summary


    Lesson 3: Exploring CIP Sync, CIP Motion, and CIP Safety

    • CIP Sync
    • Precision Time Protocol
    • CIP Sync
    • CIP Sync Requirements
    • Quality of Service
    • Clock Types and Precision Time Protocol Modes
    • Best Master Clock
    • Precision Time Protocol Messages.
    • Precision Time Protocol Priority
    • Troubleshooting Precision Time Protocol
    • Discovery 12: Configure and Verify Precision Time Protocol on the Cisco IE 2000 Series Switch
    • Discovery 13: Configure and Verify Precision Time Protocol on the Cisco IE 3000 Series Switch
    • CIP Motion
    • CIP Safety
    • CIP Safety Wireshark
    • Summary


    Lesson 4: Exploring Embedded Switch Technology

    • Embedded Switch Technology
    • Device-Level Ring Network
    • Layer 2 Resiliency Protocols Compared
    • Embedded Switch Technology Use Cases
    • Embedded Switch Technology Features
    • Embedded Switch Technology Considerations
    • Summary


    Lesson 5: Configuring Stratix Switches

    • Add-On Profiles
    • Stratix Switch Configuration
    • Discovery 14: Add a Stratix 5700 Switch Add-On Profile (AOP) to a Studio 5000 Logix Designer Application
    • Discovery 15: Configure a Stratix 5700 Switch Using an Add-On Profile (AOP) in a Studio 5000 Logix Designer Application
    • SD Flash Sync
    • Save/Restore
    • Summary


    Lesson 6: Module Summary
    Lesson 7: Module Self-Check

Module 4: Troubleshooting Ethernet/IP

    Lesson 1: Identifying Common EtherNet/IP Issues
    • Connectivity Issues
    • Troubleshooting Device-Level Ring (DLR) Networks
    • Performance Issues
    • Summary


    Lesson 2: EtherNet/IP Troubleshooting Methods and Tools

    • Troubleshooting Methods Review
    • RSLinx Classic
    • Studio 5000 Logix Designer
    • Command Line Interface
    • HMI
    • Device Manager Web Interface
    • Wireshark
    • Summary


    Lesson 3: Module Summary
    Lesson 4: Module Self-Check

Module 5: PROFINET

    Lesson 1: Describe PROFINET Functionality and Connection Method
    • Protocol Characteristics
    • Discovery and Configuration Protocol
    • PROFINET Communications
    • PROFINET Models
    • Optimizing PROFINET
    • PROFIsafe
    • Summary


    Lesson 2: Describing Basic PROFINET Devices

    • Conformance Classes Build on One Another
      • Conformance Class C is synchronous, while Conformance Classes A and B are cyclic.
    • Conformance Class A
    • Conformance Class B
    • Conformance Class C
    • Summary


    Lesson 3: Understanding Ring Network Requirements

    • Network Redundancy
    • Controller Redundancy
    • Device Redundancy
    • Summary


    Lesson 4: Module Summary
    Lesson 5: Module Self-Check

Module 6: Configuring PROFINET

    Lesson 1: Enabling and Prioritizing PROFINET at L2
    • Configure a Switch for PROFINET Communication
    • Discovery 16: Disable and Enable PROFINET
    • Configure Layer 2 QoS
    • Discovery 17: Configure L2 Quality of Service
    • Summary


    Lesson 2: Integrating Cisco Industrial Ethernet Switches

    • Cisco Switch Configuration
    • Cisco Switch Validation
    • Summary


    Lesson 3: Configuring PROFINET Alarms

    • Configure an Alarm
    • Discovery 18: Configure an Alarm
    • Discovery 19: Verify an Alarm
    • Summary


    Lesson 4: Module Summary
    Lesson 5: Module Self-Check

Module 7: Troubleshooting PROFINET

    Lesson 1: Identifying PROFINET Troubleshooting Methods
    • Review: Troubleshooting Method
      • Review: Troubleshooting Method
    • Connectivity Issues
    • Performance Issues
    • Discovery 20: Adjust the Update Time for a Switch
    • Summary


    Lesson 2: Exploring PROFINET Troubleshooting Tools

    • Discovery 21: CLI/Prompt Commands
    • Web Interface
    • Discovery 22: Analyze ProfiNET Traffic using Wireshark
    • SNMP-OPC Server
    • Summary


    Lesson 3: Module Summary
    Lesson 4: Module Self-Check

Module 8: Exploring Security Concerns

    Lesson 1: Overview Of Defense-in-Depth Strategy
    • Identify Threats in the IACS network
    • Attack Continuum
    • New Security Model Approach
    • Define the Defense-in-Depth Strategy
    • Integrated Security Features for Industrial Ethernet Products
    • Security Policy Lifecycle
    • Summary


    Lesson 2: Controlling Access and Network Traffic

    • User and Device Access Control
    • Using AAA features
    • Using Access Control Lists
    • ACL Operation
    • Discovery 23: Examine Basic traffic Control using ACL
    • Using 802.1x and Cisco ISE
    • Cisco Identity Services Engine
    • Using Port Security
    • Using DHCP Snooping
    • Using Dynamic ARP Inspection
    • Using Unicast Reverse Path Forwarding
    • Using VLANs as Security
    • Using Firewalls
    • Using Secure Remote Access
    • Using IPS/IDS
    • Summary


    Lesson 3: Module Summary
    Lesson 4: Module Self-Check

Module 9: 802.11 Industrial Ethernet Wireless Networking

    Lesson 1: Understanding 802.11 Networks
    • 802.11 Overview
    • Wireless Infrastructure Devices
    • Ad Hoc Networks
    • Infrastructure Mode
    • Service Set Identifiers
    • Workgroup Bridges
    • Repeaters
    • Non-802.11 Radio Interferers
    • 802.11 Standards for Channels and Speeds
    • Describing Wireless Security Components
    • Key Management
    • 802.1X/EAP Framework
    • Summary


    Lesson 2: Industrial WLAN Design Considerations

    • Industrial Wireless Introduction
    • Industrial Wireless IACS Use Cases
    • WLAN Architecture Types
    • Wireless Client Types
    • WLAN Equipment Topologies
    • Performing a Wireless Site Survey
    • Autonomous and Unified CPwE WLAN Architectures
    • Discovery 24: Explore Wireless LAN Controller
    • Configure Workgroup Bridge Mode on Access Point
    • Discovery 25: Configure Wireless Workgroup Bridge on Stratix 5100
    • Summary


    Lesson 3: Module Summary
    Lesson 4: Module Self-Check

Lab Outline

Hardware Lab 1: Connecting to the remote LAB environment

  • Install the Cisco AnyConnect mobility client
  • Connect to the remote LAB VPN environment
  • Connect to the remote PC Using Remote Desktop Client
  • Connect to the terminal Server for device console access using PuTTY remote software
  • Connect to the console port of a device


Hardware Lab 2: Configuring 802.1q Trunks

  • Plan inter-switch trunk requirements
  • Configure the switch port to perform 802.1q trunk operations
  • Verify the switch port 802.1q trunk operations


Hardware Lab 3: Configuring and Applying Smartports Macros

  • Apply Smartports macro on Cisco switches
  • Configure Smartports macro on the Rockwell Automation (Allen-Bradley) Stratix 5700 Switch


Hardware Lab 4: Configuring and Applying Custom Smartports Macros

  • Configure Custom Smartports Macro on Industrial Ethernet Switches


Hardware Lab 5: Configuring and Applying EtherChannel

  • Apply EtherChannel Configuration


Hardware Lab 6: Configuring Resilient Ethernet Protocol

  • Configure the REP Administrative VLAN
  • Configure the REP Segment edge ports
  • Configure the REP Segment ports
  • Verify the REP Segment topology


Hardware Lab 7: Configuring Resilient Ethernet Protocol Features

  • Configure the REP VLAN load balancing
  • Configure the REP SNMP mib


Hardware Lab 8: Configuring and Verifying Storm Control

  • Verify the current interface storm control settings
  • Configure the interface storm control settings on Stratix 5700


Hardware Lab 9: Verify IP IGMP Snooping

  • Verify the IGMP Snooping configuration
  • Configure the IGMP Snooping address


Hardware Lab 10: Configure QoS settings

  • Verify the current configuration QoS status
  • Apply and verify the Smartports macro QoS configuration


Hardware Lab 11: Using IOS Troubleshooting Tools

  • Verify Endpoint Device Physical Port Connection Using the Port Status LED
  • Verify Endpoint Device Physical Port Configuration Using the show running-config Interface IOS Command
  • Verify Endpoint Device Connection and Layer 2 Communication Using the show Mac-Address table IOS Command
  • Verify That the Endpoint Device Switch Interface Is Associated to the Correct Vlan Using the show vlan IOS Command
  • Verify the Switchport Operational Status Using the show interfaces IOS Command
  • View the Active Configuration by Using the Show running-config IOS Command


Hardware Lab 12: Troubleshooting Layer 2 Endpoint Device Connectivity

  • Verify endpoint device physical port connection using the port status LED
  • Verify endpoint device physical port configuration using the show running-config interface IOS command
  • Verify endpoint device connection and layer 2 communication using the show mac-address table IOS command
  • Verify the endpoint device switch interface is associated to the correct vlan using the show vlan IOS command
  • Verify the switchport operational status using the show interfaces IOS command
  • View the active configuration by using the "show running-config" IOS command


Hardware Lab 13: Troubleshooting Layer 2 Inter-Switch Connectivity

  • Verify layer 2 switch to switch communication by using the show cdp neighbor IOS command
  • Verify layer 2 switch to switch communication by using the show interface trunk IOS command
  • Verify endpoint device layer 2 traffic flow using the show mac address-table command.
  • Verify the status of the Etherchannel configured n the PODx_IE3K switch


Hardware Lab 14: Troubleshooting Broken REP Segment

  • Verify functional REP segment topology status
  • Introduce a Simulated Link Failure
  • Troubleshoot, repair and normalize the REP topology


Hardware Lab 15: Troubleshooting Layer 3

  • Verify layer 3 network reachability using the show ip route command
  • Troubleshoot layer 3 connections using PING
  • Verify Layer 3 Reachability with Telnet
  • Verify the layer path with Traceroute


Hardware Lab 16: Perform a Packet Capture

  • Configure SPAN Port Session
  • Launch Wireshark and perform packet capture


Hardware Lab 17: Troubleshoot Network Issues

  • Load Network Issues
  • Find the Network Fault


Hardware Lab 18: Configure CIP on Industrial Switches

  • Configure CIP on a Cisco IE 2000 Switch Using Command Line Interface
  • Configure CIP on a Cisco IE 3000 Switch Using Command Line Interface
  • Configure an IP Address for CIP VLAN 25 on a Stratix 5700 Switch Using the Device Manager Web Interface
  • Configure Precision Time Protocol (PTP) on a Stratix 5700 Switch using the Cisco Device Manager Web Interface


Hardware Lab 19: Troubleshooting EtherNet/IP Communication Issues

  • Load CIP Configuration Error into Industrial Switches
  • Troubleshoot a CIP Configuration Error in a Cisco IE 2000 Series Switch
  • Apply Corrective Action to Restore CIP Communication
  • Verify Restored CIP Communication
  • Troubleshoot CIP Configuration Error in a Stratix 5700 Series Switch
  • Troubleshoot a CIP Configuration Error in a Cisco IE 3000 Series Switch


Hardware Lab 20: Configuring PROFINET Support

  • Copy a GSD File from a Switch
  • Install a GSD File into TIA Portal Software
  • Configure PROFINET Management Support on a Cisco IE 2000 Switch
  • Configure PROFINET Management Support on a Cisco IE 3000 Switch


Hardware Lab 21: Troubleshoot PROFINET Communication Issues

  • Troubleshoot PROFINET Communication Problem 1
  • Troubleshoot PROFINET Communication Problem 2
  • Troubleshoot PROFINET Communication Problem 3


Hardware Lab 22: Configure Port Security Mechanisms

  • Remove SPAN Session (port mirroring) from IE3K
  • Verify PC2 Connectivity
  • Configure Port Security using the Device Manager
  • Configure IP DHCP Snooping
  • Configure Dynamic ARP Inspection


Hardware Lab 23: Configure AAA Authentication using Cisco ISE and 802.1x

  • Configure AAA authentication on PODx_IE3K switch
  • Configure Client PC 802.1X Supplicant
  • Test employee authentication/authorization
  • Configure Client PC to disable 802.1X Supplicant
  • Test guest authentication/authorization using Guest Portal