CCNP Enterprise Certification and Training


CCNP Enterprise Certification and Training

IP Rulers is the new face of CCNP Enterprise Certification and Training in Dubai, UAE, which provides both online and classroom-based training in the latest cutting-edge technologies in the IT infrastructure and networking portfolio. With grouped as well as one-to-one classes and online tutorials that could be scheduled for weekdays or weekends in accordance to the students’ choice, IP Rulers is fast becoming a leading name in Dubai in providing a highly valued Cisco Certificate, with a 100% pass rate on the first attempt. Students can choose between different concentration topics to go with the core topic to customize their certification and keep in touch with the dynamic technologies in the field, all with the help of IP Rulers.

The IP Rulers CCNP Enterprise Certification Program is a testimony to a candidate’s networking skills. It provides in-depth technology classes in a few additional subjects along with the former CCNP Routing and Switching, CCNP Wireless and CCDP course, led by an expert team of trainers who have multiple CCIEs with experience in the industry and hands-on training. Clearing two assessments, one in the core subject, and one in the concentration subject, accrues the Certification, hence enabling focus and customization in any one technical area according to the candidate’s selection.

Target Audience:

  • Network engineers seeking skill enrichment in specific technologies to nourish their passion and career.
  • IT students and professionals seeking strong expertise in the subject and an internationally recognized qualification in the same for prospective jobs.
  • Aspirants seeking following job profiles in Routing and Switching, Wireless, and Network Enterprise Designing.
    • Network Engineer
    • Network Designer
    • Network Administrator
    • Consulting Systems Engineer
    • Technical Solutions Architect
    • Server Administrators
    • Network Manager
    • Cisco Integrators and partners


  • The CCNP Enterprise does not require any particular qualification for attendance of the course. However, comprehensive knowledge of the subjects is necessary for attending the examinations.
  • A CCNA certificate is not necessary. Students can appear for CCNP EI examinations if they have the equivalent theoretical and practical knowledge.
  • Experience in networking field will be an advantage to attempt the CCNP examination.
  • Internationally valued certification from Cisco.
  • Specialist Certification in any CCNP exam, whether it be core or concentration.
  • Eligibility to attend the CCIE Enterprise (Infrastructure/Wireless) Lab Exam directly by passing the CCNP Core Examination.
  • Combined benefits of CCNP Routing and Switching, CCNP Wireless and CCDP.
  • Constant acquaintance to the dynamic technologies in the IT field.
  • Refreshment in regular concepts of Enterprise Technologies along with Automation.
  • Authority to link the CCNP Certification Badge to all social media profiles.

Babu Varghese

Senior Cloud & Security Specialist


Certified instructor with 20+ years of experience in the field of cloud and cybersecurity. Proven success in leveraging educational theories and methodologies to design, develop, and deliver successful training programs and integrate instructional technology to provide onsite and virtual training. Babu has helped IPRULERS in setting the bar for cloud and cyber security training and helping thousands of engineers to obtain their own certifications. He excels in corporate training and has excellent interpersonal skills that make him stand out. Babu has proven his knowledge and skills in delivering training for the Microsoft, Amazon, f5, Check Point, EC-Council, CompTIA & Cisco etc.

Vivek Gunasekaran

Senior Technical Instructor

CCIE Enterprise Infrastructure

Vivek has over 5 years of experience in consulting and giving training to IT professionals to obtain their certifications in Cisco & CompTIA. Designed, developed and delivered online and classroom training for the corporate professionals.


80 Hours



Skill Level








Share :

Course Curriculam

Architecture (15%)
  1. Explain the different design principles used in an enterprise network
  • Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
  • High availability techniques such as redundancy, FHRP, and SSO
  1. Analyze design principles of a WLAN deployment
  • Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
  • Location services in a WLAN design
  1. Differentiate between on-premises and cloud infrastructure deployments
  2. Explain the working principles of the Cisco SD-WAN solution
  • SD-WAN control and data planes elements
  • Traditional WAN and SD-WAN solutions
  1. Explain the working principles of the Cisco SD-Access solution
  • SD-Access control and data planes elements
  • Traditional campus interoperating with SD-Access
  1. Describe concepts of wired and wireless QoS
  • QoS components
  • QoS policy
  1. Differentiate hardware and software switching mechanisms
  • Process and CEF
  • MAC address table and TCAM
  • FIB vs. RIB
Virtualization (20%)
  1. Describe device virtualization technologies
  • Hypervisor type 1 and 2
  • Virtual machine
  • Virtual switching
  1. Configure and verify data path virtualization technologies
  • VRF
  • GRE and IPsec tunneling
  1. Describe network virtualization concepts
  • LISP
Infrastructure (30%)
  1. Layer 2
  • Troubleshoot static and dynamic 802.1q trunking protocols
  • Troubleshoot static and dynamic EtherChannels
  • Configure and verify common Spanning Tree Protocols (RSTP and MST)
  1. Layer 3
  • Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
  • Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
  • Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
  1. Wireless
  • Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
  • Describe AP modes and antenna types
  • Describe access point discovery and join process (discovery algorithms, WLC selection process)
  • Describe the main principles and use cases for Layer 2 and Layer 3 roaming
  • Troubleshoot WLAN configuration and wireless client connectivity issues
  1. IP Services
  • Describe Network Time Protocol (NTP)
  • Configure and verify NAT/PAT
  • Configure first hop redundancy protocols, such as HSRP and VRRP
  • Describe multicast protocols, such as PIM and IGMP v2/v3
Network Assurance (10%)
  1. Diagnose network problems using tools such as debugs, conditional debugs,

trace route, ping, SNMP, and syslog

  1. Configure and verify device monitoring using syslog for remote logging
  2. Configure and verify NetFlow and Flexible NetFlow
  3. Configure and verify SPAN/RSPAN/ERSPAN
  4. Configure and verify IPSLA
  5. Describe Cisco DNA Center workflows to apply network configuration, monitoring,

and management

  1. Configure and verify NETCONF and RESTCONF
Security (20%)
  1. Configure and verify device access control
  • Lines and password protection
  • Authentication and authorization using AAA
  1. Configure and verify infrastructure security features
  • ACLs
  • CoPP
  1. Describe REST API security
  2. Configure and verify wireless security features
  • EAP
  • WebAuth
  • PSK
  1. Describe the components of network security design
  • Threat defense
  • Endpoint security
  • Next-generation firewall
  • TrustSec, MACsec
  • Network access control with 802.1X, MAB, and WebAuth
Automation (15%)
  1. Interpret basic Python components and scripts
  2. Construct valid JSON encoded file
  3. Describe the high-level principles and benefits of a data modeling language,

such as YANG

  1. Describe APIs for Cisco DNA Center and vManage
  2. Interpret REST API response codes and results in payload using Cisco DNA Center


  1. Construct EEM applet to automate configuration, troubleshooting, or data


  1. Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and


Layer 3 Technologies (35%)

  1. Troubleshoot administrative distance (all routing protocols)
  2. Troubleshoot route map for any routing protocol (attributes, tagging, filtering)
  3. Troubleshoot loop prevention mechanisms (filtering, tagging, split horizon, route poisoning)
  1. Troubleshoot redistribution between any routing protocols or routing sources
  2. Troubleshoot manual and auto-summarization with any routing protocol
  3. Configure and verify policy-based routing
  4. Configure and verify VRF-Lite
  5. Describe Bidirectional Forwarding Detection
  6. Troubleshoot EIGRP (classic and named mode)
  • Address families (IPv4, IPv6)
  • Neighbor relationship and authentication
  • Loop-free path selections (RD, FD, FC, successor, feasible successor, stuck in active)
  • Stubs
  • Load balancing (equal and unequal cost)
  • Metrics
  1. Troubleshoot OSPF (v2/v3)
  • Address families (IPv4, IPv6)
  • Neighbor relationship and authentication
  • Network types, area types, and router types
  • Point-to-point, multipoint, broadcast, nonbroadcast
  • Area type: backbone, normal, transit, stub, NSSA, totally stub
  • Internal router, backbone router, ABR, ASBR
  • Virtual link
  • Path preference
  1. Troubleshoot BGP (Internal and External)
  • Address families (IPv4, IPv6)
  • Neighbor relationship and authentication (next-hop, mulithop, 4-byte AS, private AS, route refresh, synchronization, operation, peer group, states and timers)
  • Path preference (attributes and best-path)
  • Route reflector (excluding multiple route reflectors, confederations, dynamic peer)
  • Policies (inbound/outbound filtering, path manipulation)
VPN Technologies (20%)
  1. Describe MPLS operations (LSR, LDP, label switching, LSP)
  2. Describe MPLS Layer 3 VPN
  3. Configure and verify DMVPN (single hub)
  • GRE/mGRE
  • NHRP
  • IPsec
  • Dynamic neighbor
  • Spoke-to-spoke
Infrastructure Security (20%)
  1. Troubleshoot device security using IOS AAA (TACACS+, RADIUS, local database)
  2. Troubleshoot router security features
  • IPv4 access control lists (standard, extended, time-based)
  • IPv6 traffic filter
  • Unicast reverse path forwarding (uRPF)
  1. Troubleshoot control plane policing (CoPP) (Telnet, SSH, HTTP(S), SNMP, EIGRP, OSPF, BGP)
  1. Describe IPv6 First Hop security features (RA guard, DHCP guard, binding table, ND inspection/snooping, source guard)
Infrastructure Services (25%)
  1. Troubleshoot device management
  • Console and VTY
  • Telnet, HTTP, HTTPS, SSH, SCP
  • (T)FTP
  1. Troubleshoot SNMP (v2c, v3)
  2. Troubleshoot network problems using logging (local, syslog, debugs, conditional debugs, timestamps)
  1. Troubleshoot IPv4 and IPv6 DHCP (DHCP client, IOS DHCP server, DHCP relay, DHCP options)
  1. Troubleshoot network performance issues using IP SLA (jitter, tracking objects, delay, connectivity)
  1. Troubleshoot NetFlow (v5, v9, flexible NetFlow)
  2. Troubleshoot network problems using Cisco DNA Center assurance (connectivity, monitoring, device health, network health)
Architecture (20%)
  1. Describe Cisco SD-WAN Architecture and Components
    • Orchestration plane (vBond, NAT)
    • Management plane (vManage)
    • Control plane (vSmart, OMP)
    • Data plane (vEdge)
    • TLOC
    • IPsec
    • vRoute
    • BFD
  2. Describe WAN Edge platform types, capabilities (vEdges, cEdges)
Controller Deployment (15%)
  1. Describe controller cloud deployment
  2. Describe Controller on-Prem Deployment
  • Hosting platform (KVM/Hypervisor)
  • Installing controllers
  • Scalability and redundancy
  1. Configure and verify certificates and whitelisting

4.Troubleshoot control-plane connectivity between controllers

Router Deployment (20%)
  1. Describe WAN Edge deployment
    • On-boarding
    • Orchestration with zero-touch provisioning/plug-and-play
    • Single/multi data center/regional hub deployments
  1. Configure and verify SD-WAN data plane
  • Circuit termination/TLOC-extension
  • Underlay-overlay connectivity
  1. Configure and verify OMP
  2. Configure and verify TLOCs
  3. Configure and verify CLI and vManage feature configuration templates
  • VRRP
  • OSPF
  • BGP
Policies (20%)
  1. Configure and verify control policies
  2. Configure and verify data policies
  3. Configure and verify end-to-end segmentation
  • VPN segmentation
  • Topologies
  1. Configure and verify SD-WAN application-aware routing
  2. Configure and verify direct Internet access
Security and Quality of Service (15%)
  1. Configure and verify service insertion
  2. Describe application-aware firewall
  3. Configure and verify QoS treatment on WAN edge routers
  • Scheduling
  • Queuing
  • Shaping
  • Policing
Management and Operations (10%)
  1. Describe monitoring and reporting from vManage
  2. Configure and verify monitoring and reporting
  3. Describe REST API monitoring
  4. Describe software upgrade from vManage
Advanced Addressing and Routing Solutions (25%)
  1. Create structured addressing plans for IPv4 and IPv6
  2. Create stable, secure, and scalable routing designs for IS-IS
  1. Create stable, secure, and scalable routing designs for EIGRP
  2. Create stable, secure, and scalable routing designs for OSPF
  3. Create stable, secure, and scalable routing designs for BGP
    • Address families
    • Basic route filtering
    • Attributes for path preference
    • Route reflectors
    • Load sharing
  1. Determine IPv6 migration strategies
  • Overlay (tunneling)
  • Native (dual-stacking)
  • Boundaries (IPv4/IPv6 translations)
Advanced Enterprise Campus Networks (25%)
  1. Design campus networks for high availability
  • First Hop Redundancy Protocols
  • Platform abstraction techniques
  • Graceful restart
  • BFD
  1. Design campus Layer 2 infrastructures
  • STP scalability
  • Fast convergence
  • Loop-free technologies
  • PoE and WoL
  1. Design multicampus Layer 3 infrastructures
  • Convergence
  • Load sharing
  • Route summarization
  • Route filtering
  • VRFs
  • Optimal topologies
  • Redistribution
  1. Describe SD-Access Architecture (underlay, overlay, control and data plane, automation, wireless, and security)
  2. Describe SD-Access fabric design considerations for wired and wireless access (overlay, fabric design, control plan design, border design, segmentation, virtual networks, scalability, over the top and fabric for wireless, multicast)
WAN for Enterprise Networks (20%)
  1. Compare WAN connectivity options
  • Layer 2 VPN
  • MPLS Layer 3 VPN
  • Metro Ethernet
  • DWDM
  • 4G/5G
  • SD-WAN customer edge
  1. Design site-to-site VPN
  • Dynamic Multipoint VPN (DMVPN)
  • Layer 2 VPN
  • MPLS Layer 3 VPN
  • IPsec
  • Generic Routing Encapsulation (GRE)
  • Group Encrypted Transport VPN (GET VPN)
  1. Design high availability for enterprise WAN
  • Single-homed
  • Multihomed
  • Backup connectivity
  • Failover
  1. Describe Cisco SD-WAN Architecture (orchestration plane, management plane, control plane, data plane, on-boarding and provisioning, security)
  2. Describe Cisco SD-WAN design considerations (control plane design, overlay design, LAN design, high availability, redundancy, scalability, security design, QoS and multicast over SD-WAN fabric)
Network Services (20%)
  1. Select appropriate QoS strategies to meet customer requirements (DiffServ, IntServ)
  1. Design end-to-end QoS policies
    • Classification and marking
    • Shaping
    • Policing
    • Queuing
  1. Design network management techniques
  • In-band vs. out-of-band
  • Segmented management networks
  • Prioritizing network management traffic
  1. Describe multicast routing concepts (source trees, shared trees, RPF,

rendezvous points)

  1. Design multicast services (SSM, PIM bidirectional, MSDP)
Automation (10%)
  1. Choose the correct YANG data model set based on requirements
  2. Differentiate between IETF, Openconfig, and Cisco native YANG models
  3. Differentiate between NETCONF and RESTCONF
  4. Describe the impact of model-driven telemetry on the network
  • Periodic publication
  • On-change publication
  1. Compare dial-in and dial-out approaches to model-driven telemetry
Wireless Site Survey (25%)
  1. Collect design requirements and evaluate constraints
    • Client density
    • Real time applications
    • AP type
    • Deployment type (data, location, voice, video)
    • Security
  2. 2. Describe material attenuation and its effect on wireless design
  3. Perform and analyze a Layer 1 site survey
  4. Perform a pre-deployment site survey
  5. Perform a post deployment site survey
  6. Perform a predictive site survey
  7. Utilize planning tools and evaluate key network metrics (Ekahau, AirMagnet, PI, Chanalyzer, Spectrum Analyzer)
Wired and WirelessInfrastructure (30%)
  1. Determine physical infrastructure requirements such as AP power, cabling, switch port capacity, mounting, and grounding
  2. Determine logical infrastructure requirements such as WLC/AP licensing requirements based on the type of wireless architecture
  1. Design radio management
  • RRM
  • RF profiles
  • RxSOP
  1. Apply design requirements for these types of wireless networks
  • Data
  • Voice and video
  • Location
  • Hyperlocation
  1. Design high-density wireless networks and their associated components (campus, lecture halls, conference rooms)
  1. Design wireless bridging (mesh)
  • Modes of operation
  • Ethernet bridging
  • WGB and roaming
Mobility (25%)
  1. Design mobility groups based on mobility roles
  2. Optimize client roaming
  3. Validate mobility tunneling for data and control path
WLAN High Availability (20%)
  1. Design high availability for controllers
  • Network availability through LAG
  • Stateful Switchover (SSO)
  • Anchor controller priority and redundancy
  1. Design high availability for Aps
  • AP prioritization
  • Fall-back (assigning primary, secondary, and tertiary)
FlexConnect (15%)
  1. Deploy FlexConnect components such as switching and operating modes
  2. Deploy FlexConnect capabilities
    • FlexConnect groups and roaming
    • Split tunneling and fault tolerance
    • VLAN-based central switching and Flex ACL
    • Smart AP image upgrade1.3Implement Office Extend
QoS on a Wireless Network (10%)
  1. Implement QoS schemes based on requirements including wired to wireless mapping
  1. Implement QoS for wireless clients
  2. Implement AVC including Fastlane (only on WLC)
Multicast (10%)
  1. Implement multicast components
  2. Describe how multicast can affect wireless networks
  3. Implement multicast on a WLAN
  4. Implement mDNS
  5. Implement Multicast Direct
Location Services (10%)
  1. Deploy MSE and CMX on a wireless network
  2. Implement location services
    • client tracking
    • RFID tags (tracking only)
    • Interferers
    • Rogue Aps
    • Clients
Advanced Location Services (10%)
  1. Implement CMX components
  • Detect and locate
  • Analytics
  • Presence services
  1. Implement location-aware guest services using custom portal and Facebook Wi-Fi
  1. Troubleshoot location accuracy using Cisco Hyperlocation
  2. Troubleshoot CMX high availability
  3. Implement wIPS using MSE
Security for Wireless Client Connectivity (20%)
  1. Configure client profiling on WLC and ISE
  2. Implement BYOD and guest
    • CWA using ISE (including self-registration portal)
    • LWA using ISE or WLC
    • Native supplicant provisioning using ISE
    • Certificate provisioning on the controller

Implement 802.1X and AAA on different wireless architectures and ISE6.4Implement Identity-Based Networking on different wireless architectures (VLANs, QoS, ACLs)

Monitoring (15%)
  1. Utilize reports on PI and Cisco DNA center
  2. Manage alarms and rogues (APs and clients)
  • WLC
  • PI
  • Cisco DNA center
  1. Manage RF interferers
  • WLC
  • PI
  • Cisco DNA center
  1. Troubleshoot client connectivity
  • WLC
  • ISE
  • PI
  • Cisco DNA center
Device Hardening (10%)
  1. Implement device access controls (including RADIUS and TACACS+)
  2. Implement access point authentication (including 802.1X) 8.3Implement CPU ACLs on the controller
Network Programmability Foundation (10%)
  1. Utilize common version control operations with git (add, clone, push, commit, diff, branching, merging conflict)
  1. Describe characteristics of API styles (REST and RPC)
  2. Describe the challenges encountered and patterns used when consuming APIs Synchronously and Asynchronously
  1. Interpret Python scripts containing data types, functions, classes, conditions, and looping
  1. Describe the benefits of Python virtual environments
  2. Explain the benefits of using network configuration tools such as Ansible and Puppet for automating IOS XE platforms
Automate APIs and Protocols (10%)
  1. Identify the JSON instance based on a YANG model
  2. Identify the XML instance based on a YANG model
  3. Interpret a YANG module tree generated per RFC8340
  4. Compare functionality, benefits, and uses of OpenConfig, IETF, and native YANG models
  1. Compare functionality, benefits, and uses of NETCONF and RESTCONF
Network Device Programmability (20%)
  1. Implement device management and monitoring using NetMiko
  2. Construct a Python script using ncclient that uses NETCONF to manage and monitor an IOS XE device
  1. Configure device using RESTCONF API utilizing Python requests library
  2. Utilize Ansible to configure an IOS XE device
  3. Configure a subscription for model driven telemetry on an IOS XE device (CLI, NETCONF, and RESTCONF)
  1. Compare publication and subscription telemetry models
    • Periodic / cadence
    • On-c hange
  1. Describe the benefits and usage of telemetry data in troubleshooting the network
  1. Describe Day 0 provisioning methods
  • iPXE
  • PnP
  • ZTP
Cisco DNA Center (20%)
  1. Compare traditional versus software-defined networks
  2. Describe the features and capabilities of Cisco DNA Center
  • Network assurance APIs
  • Intent APIs
  • Multivendor support (3rd party SDKs)
  • Events and notifications
  1. Implement Cisco DNA Center event outbound webhooks
  2. Implement API requests for Cisco DNA Center to accomplish network management tasks
  • Intent APIs
  • Command Runner APIs
  • Site APIs
  1. Implement API requests for Cisco DNA Center to accomplish network management tasks using these APIs
  • Network discovery and device APIs
  • Template APIs (Apply a template)
  1. Troubleshoot Cisco DNA Center automation process using Intent APIs
Cisco SD-WAN (20%)
  1. Describe features and capabilities of Cisco SD-WAN vManage Certificate Management APIs
  2. Implement a Python script to perform API requests for Cisco SD-WAN vManage Device Inventory APIs to retrieve and display data
  3. Construct API requests for Cisco SD-WAN vManage Administration APIs
  4. Implement a Python script to perform API requests for Cisco SD-WAN vManage Configuration APIs to modify Cisco SD-WAN fabric configuration
  1. Construct API requests for Cisco SD-WAN vManage Monitoring APIs (Including real-time)
  1. Troubleshoot a Cisco SD-WAN deployment using vManage APIs
Cisco Meraki (20%)
  1. Describe features and capabilities of Cisco Meraki
    • Location Scanning APIs
    • MV Sense APIs
    • External Captive Portal APIs
    • WebHook Alert APIs
  1. Create a network using Cisco Meraki APIs
  2. Configure a network using Cisco Meraki APIs
  3. Implement a Python script for Cisco Meraki Alert WebHooks

Download Course Brochure

For More details please download our brochure here.


“Mr. Gigi Vikraman has been very supportive and amazing person. His way of teaching is completely a different style than others where the one who get in depth knowledge about the products. If anyone dream the lucky number, I recommend Gigi.”

Dileep NR

CCIE Collaboration

“It was a great journey with IP Rulers for learning CCNP Enterprise. From the best guidance of Gigi Vikraman Sir, he is very helpful with exceptional teaching skill and he even make every complex topic very easy to understand which is really amazing. Thanks a lot.”

Akhil PJ

CCNP Enterprise

“This was one of the best Network training I have ever attended. The Institute, materials & facilitation was excellent. I recommend this training & Institute to all Network engineers who interested in seeing real progress in their professional carrier.
Thank you again IP Rulers.”

Priji Soman

CCNP Enterprise

Enquire Now

We are here to provide you with comprehensive assistance regarding all the details related to the courses and any other inquiries you may have. Please feel free to reach out to us for guidance and support.

    Scroll to Top