Latest News
  • Join CCNP Training Course & Get CCNA Absolutely FREE
  • Courses Available Both Online and Classroom
  • Best IT Networking Training Institute in Dubai

CCIE Enterprise Infrastructure Certification and Training

CCIE Enterprise Infrastructure Certification is the highest and most prestigious certification from Cisco. It ranks No. 1 in the 10 Most Difficult IT Certifications list, and is highly-valued worldwide. A CCIE certified individual is an elite title in the field of network engineering, proving their mastery in their domain of Cisco networking. The CCIE Enterprise Certified experts have the required knowledge and skills for the field, including dual-stack(IPv4 and IPv6) architecture, virtualization, infrastructure, network assurance, security, and automation. The quality of the program, the testing methods, and the relevance of this certification enhances its value. At IP Rulers, the classes are facilitated by CCIE Enterprise certified and experienced instructors, and students will be exposed to the latest equipments with grouped as well as one-to-one classes and online tutorials that could be scheduled for weekdays or weekends in accordance to the students’ choice, IP Rulers is fast becoming a leading name in Dubai in providing highly valued Cisco Certificates with a significant pass rate on the first attempt.

Course Details

CCIE Enterprise Infrastructure certification is the avatar of core knowledge and practical skills in the management of the most complex scenarios of the entire IT Enterprise Infrastructure of a network lifecycle (Designing, Deploying, Operating & Optimizing). IP Rulers provide CCIE Enterprise Infrastructure training just as per the course described by the Cisco Security Certification blueprint.

The new method adapted for CCIE Exam is given below, which have vital parts known as Design, Deploy, Operate & Optimize.

The CCIE Enterprise certification is achieved with two exams:



350-401 ENCOR: Implementing and Operating Cisco Enterprise Network Core Technologies

The 120-minute, Implementing and Operating Cisco Enterprise Core Technologies v1.0 (ENCOR 350-401) exam is associated with the CCNP Enterprise, Cisco Certified Specialist (with core subject Enterprise), and CCIE Enterprise Certifications. It tests a candidate’s knowledge of enterprise infrastructure including dual-stack(IPv4 and IPv6) architecture, virtualization, infrastructure, network assurance, security, and automation. Clearing this exam gives a Specialist Certification, so as to recognize all accomplishments of the candidate.


CCIE Enterprise Infrastructure v1.0 Lab Exam

The 8-hour Cisco CCIE Enterprise Infrastructure (v1.0) Practical Exam is a hands-on exam that requires a candidate to plan, design, deploy, operate, and optimize network security solutions according to the given scenarios.

CCIE Lab Exam summary

CCIE lab exam has two modules. Module 1 will be a 3-hour, scenario-based session, which will discuss the Design part. Module 2 will be a 5-hour session to discuss Deploy, Operate & Optimize parts of the exam.

CCIE Exam Score Evaluation :

Candidates who score higher than the aggregated pass score of both modules and also higher than the minimum score set on each individual module, clear the exam.

Target Audience:

  • Network engineers attempting the core exam – Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR 350- 401).
  • Network engineers who have five to seven years of professional experience in designing, deploying, operating and optimizing enterprise networking technologies.
  • Network designers who design and support complex network technologies and topologies.
  • Network engineers who use an expert-level problem-solving process (including options analysis) to support complex network technologies and topologies.
  • IT students and professionals seeking strong expertise in the subject and an internationally recognized qualification in the same for prospective jobs.
  • Candidates with CCNP R&S Certification, moving on to expert levels.
  • Aspirants in the following job profiles:
    • Network Designer
    • Network Administrator
    • Consulting Systems Engineer
    • Technical Solutions Architect
    • Network Manager
    • Cisco Integrators and partners


  • The CCIE Enterprise Infrastructure does not require any particular qualification for attendance of the course. However, comprehensive knowledge of the subjects is necessary for attending the examinations.
  • Five to seven years’ experience in networking field, especially in designing, deploying, operating and optimizing security technologies will be an advantage to attempt the CCIE examination.

Course outline

Loader image

1.1 Switched campus
  • Switch administration
  • Managing MAC address table
  • Errdisable recovery
  • L2 MTU
  • Layer 2 protocols
  • UDLD
  • VLAN technologies
  • Access ports
  • Trunk ports (802.1Q)
  • Native VLAN
  • Manual VLAN pruning
  • VLAN database
  • Normal range and extended range VLANs
  • Voice VLAN
  • VTP
  • EtherChannel
  • LACP, static
  • Layer 2, Layer 3
  • Load balancing
  • EtherChannel Misconfiguration Guard
  • Spanning- Tree Protocol
  • PVST+, Rapid PVST+, MST
  • Switch priority, port priority, path cost, STP timers
  • PortFast, BPDU Guard, BPDU Filter
  • Loop Guard, Root Guard
1.2 Routing Concepts
  • Administrative distance
  • VRF-lite
  • Static routing
  • Policy Based Routing
  • VRF aware routing with any routing protocol
  • Route filtering with any routing protocol
  • Manual summarization with any routing protocol
  • Redistribution between any pair of routing protocols
  • Routing protocol authentication
  • Bidirectional Forwarding Detection
  • Adjacencies
  • Best path selection
  • RD, FD, FC, successor, feasible successor
  • Classic Metrics and Wide Metrics
  • Operations
  • General operations
  • Topology table
  • Packet types
  • Stuck In Active
  • Graceful shutdown
  • EIGRP load-balancing
  • Equal-cost
  • Unequal-cost
  • Add-path
  • EIGRP Named Mode
  • Optimization, convergence and scalability
  • Fast convergence requirements
  • Query propagation boundaries
  • IP FRR (single hop)
  • Leak-map with summary routes
  • EIGRP stub with leak map
1.4 OSPF (v2 and v3)
  • Adjacencies
  • Network types, area types
  • Path preference
  • Operations
  • General operations
  • Graceful shutdown
  • GTSM (Generic TTL Security Mechanism)
  • Optimization, convergence and scalability
  • Metrics
  • LSA throttling, SPF tuning, fast hello
  • LSA propagation control (area types)
  • Stub router
  • Loop-free alternate
  • Prefix suppression
1.5 BGP
  • IBGP and EBGP peer relationships
  • Peer-group/update-group, template
  • Active, passive
  • Timers
  • Dynamic neighbors
  • 4-bytes AS numbers
  • Private AS
  • Path selection
  • Attributes
  • Best path selection algorithm
  • Load-balancing
  • Routing policies
  • Attribute manipulation
  • Conditional advertisement
  • Outbound Route Filtering
  • Standard and extended communities
  • Multi-homing
  • AS path manipulations
  • local-AS, allowas-in, remove-private-as
  • Prepend
  • Regexp
  • Convergence and scalability
  • Route reflector
  • Aggregation, as-set
  • Other BGP features
  • Multipath, add-path
  • Soft reconfiguration, Route Refresh
1.6 Multicast
  • Layer 2 multicast
  • IGMPv2, IGMPv3
  • IGMP Snooping, PIM Snooping
  • IGMP Querier
  • IGMP Filter
  • MLD
  • Reverse path forwarding check
  • PIM
  • Sparse Mode
  • Static RP, BSR, AutoRP
  • Group to RP Mapping
  • Bidirectional PIM
  • Source-Specific Multicast
  • Multicast boundary, RP announcement filter
  • PIMv6 Anycast RP
  • IPv4 Anycast RP using MSDP
  • Multicast multipath

2.1 Cisco SD Access
  • 2.1.a Design a Cisco SD Access solution
  • 2.1.a i Underlay network (IS-IS, manual/PnP)
  • 2.1.a ii Overlay fabric design (LISP, VXLAN, Cisco TrustSec)
  • 2.1.a iii Fabric domains (single-site and multi-site using SD-WAN transit)
  • 2.1.b Cisco SD Access deployment
  • 2.1.b i Cisco DNA Center device discovery and device management
  • 2.1.b ii Add fabric node devices to an existing fabric
  • 2.1.b iii Host onboarding (wired endpoints only)
  • 2.1.b iv Fabric border handoff
  • 2.1.c Segmentation
  • 2.1.c i Macro-level segmentation using VNs
  • 2.1.c ii Micro-level segmentation using SGTs (using Cisco ISE)
  • 2.1.d Assurance
  • 2.1.d i Network and client health (360)
  • 2.1.d ii Monitoring and troubleshooting
2.2 Cisco SD-WAN
  • 2.a Design a Cisco SD-WAN solution
  • 2.a i Orchestration plane (vBond, NAT)
  • 2.a ii Management plane (vManage)
  • 2.a iii Control plane (vSmart, OMP)
  • 2.a iv Data plane (vEdge/cEdge)
  • 2.b WAN edge deployment
  • 2.b i Onboarding new edge routers
  • 2.b ii Orchestration with zero-touch provisioning/Plug-And-Play
  • 2.b iii OMP
  • 2.b iv TLOC
  • 2.c Configuration templates
  • 2.d Localized policies
  • 2.e Centralized policies

3.1 MPLS
  • Operations
  • Label stack, LSR, LSP
  • LDP
  • MPLS ping, MPLS traceroute
  • L3VPN
  • PE-CE routing
  • MP-BGP VPNv4/VPNv6
  • Extranet (route leaking)
  • Troubleshoot DMVPN Phase 3 with dual-hub
  • NHRP
  • IPsec/IKEv2 using pre-shared key
  • Per-Tunnel QoS
  • Identify use-cases for FlexVPN
  • Site-to-site, Server, Client, Spoke-to-Spoke
  • IPsec/IKEv2 using pre-shared key
  • MPLS over FlexVPN

4.1 Device Security on Cisco IOS XE
  • Control plane policing and p rotection
  • AAA
4.2 Network Security
  • Switch security features
  • Storm control
  • DHCP Snooping, DHCP option 82
  • IP Source Guard
  • Dynamic ARP Inspection
  • Port Security
  • Private VLAN
  • Router security features
  • IPv6 Traffic Filters
  • IPv4 Access Control Lists
  • Unicast Reverse Path Forwarding
  • IPv6 infrastructure security features
  • RA Guard
  • DHCP Guard
  • Binding table
  • Device tracking
  • Inspection/Snooping
  • Source Guard
  • IEEE 802.1X Port-Based Authentication
  • Device roles, port states
  • Authentication process
  • Host modes
4.3 System Management
  • Device management
  • Console and VTY
  • SSH, SCP
  • SNMP
  • v2c
  • v3
  • Logging
  • Local logging, syslog, debugs, conditional debugs
  • Timestamps
4.4 Quality of Service
  • End to end L3 QoS using MQC
  • DiffServ
  • CoS and DSCP Mapping
  • Classification
  • Network Based Application Recognition (NBAR)
  • Marking using IP Precedence, DSCP, CoS
  • Policing, shaping
  • Congestion management and avoidance
  • HQoS, Sub-rate Ethernet Link
4.5 Network Services
  • First-Hop Redundancy Protocols
  • Redundancy using IPv6 RS/RA
  • Network Time Protocol
  • Master, client
  • Authentication
  • DHCP on Cisco IOS
  • Client, server, relay
  • Options
  • SLAAC/DHCPv6 interaction
  • Stateful, stateless DHCPv6
  • DHCPv6 Prefix Delegation
  • IPv4 Network Address Translation
  • Static NAT, PAT
  • Dynamic NAT, PAT
  • Policy-based NAT, PAT
  • VRF aware NAT, PAT
  • IOS-XE VRF-Aware Software Infrastructure (VASI) NAT
4.6 Network optimization
  • IP SLA
  • ICMP probes
  • UDP probes
  • TCP probes
  • Tracking object
  • Flexible Netflow
4.7 Network operations
  • Traffic capture
  • SPAN
  • Embedded Packet Capture
  • Cisco IOS-XE troubleshooting tools
  • Packet Trace
  • Conditional debugger (debug platform condition)

5.1 Data encoding formats
  • JSON
  • XML
5.2 Automation and scripting
  • EEM applets
  • Guest shell
  • Linux environment
  • CLI Python module
  • EEM Python module
5.3 Programmability
  • Interaction with vManage API
  • Python requests library and Postman
  • Monitoring endpoints
  • Configuration endpoints
  • Interaction with Cisco DNA Center API
  • HTTP request (GET, PUT, POST) via Python requests library and Postman
  • Interaction with Cisco IOS XE API
  • Via NETCONF/YANG using Python ncclient library
  • Via RESTCONF/YANG using Python requests library and Postman
  • Deploy and verify model-driven telemetry
  • Configure on-change subscription using gRPC

Lab Infrastructure

IP Rulers has a fully equipped lab, specially designed for the CCIE Enterprise Infrastructure training, with an enhanced lab topology that represent real world network. Students will have the following equipment and software configured for their training; they may also get the chance to see newer hardware and software during this period.

Equipment and Software list

Virtual machines

  • Cisco CSR 1000v Series Cloud Services Routers with Cisco IOS XE SD-WAN Release 16.12
  • Cisco IOSv with Cisco IOS Software Release 15.8
  • Cisco IOSv-L2 with Cisco IOS Software Release 15.2
  • Cisco SD-WAN (vManage, vBond, vSmart, vEdge) Software Release 18.4
  • Cisco DNA Center Release 1.3.1

Physical Equipment

  • Cisco Catalyst 9300 Series Switches Release 16.12

Supporting virtual machines

  • Cisco Identity Services Engine 2.6
  • Microsoft Windows 10 Professional
  • Ubuntu Desktop 18.04 LTS

Trainer's Profile

IP Rulers is managed by an expert team of trainers with over ten years’ experience in the industry and in hands-on training.
All the trainers have multiple CCIEs in their respective areas of interest.
Individual trainers’ profiles can be provided upon request by email, along with demos and LinkedIn profiles.
Online and classroom demos are also available upon request.

Training Schedule

IP Rulers has a training schedule that can suit anyone, whether it be in groups or one-on-one, classroom-based or online or onsite corporate training, on weekdays or weekends. Each course has a duration of 120 hours. For more information, please consult training coordinators.

CCIE -Training Schedule


Weekdays (Mon - Fri)

Weekend (Sat - Sun)


Classroom / Online

Classroom / Online


120 Hours

120 Hours


2 Month

3 Month



Training Type



20 March 2023


Classroom / Online

Weekdays (Mon-Fri)

25 March 2023


Classroom / Online

Weekend (Sat-Sun)


Job roles of elite executives in the fast-paced world of Enterprise network .
Industry-level knowledge and direct experience in implementation of core Cisco enterprise infrastructure solutions.
Ability to recognize customer requirements and support proposed solutions.
Enhanced job opportunities with sky-high career growth, coupled with respectable compensations.
Expertise in all stages of implementing complex networking solutions – from creation and analysis, to operation and optimization.
Essential skills in networking automation and network programmability in the fast-changing world of technology.
Specialist Certification for clearing the qualifying exam.
Authority to link the CCIE Certification Badge to all social media profiles.


Call now