This curriculum spans the technical and operational rigor of a multi-phase network modernization program, matching the depth of work conducted during enterprise-wide infrastructure assessments or architecture advisory engagements.
Module 1: Traffic Analysis and Performance Baseline Establishment
- Select packet capture and flow-collection tools (e.g., Wireshark, NetFlow collectors) based on encryption overhead and sampling accuracy in high-throughput environments.
- Define performance thresholds for latency, jitter, and packet loss per application class (e.g., VoIP vs. bulk data transfer).
- Implement time-synchronized monitoring across distributed sites using NTP to ensure consistent baseline measurements.
- Exclude backup and patching traffic windows from baseline calculations to avoid skewing normal operational profiles.
- Configure SNMP polling intervals to balance monitoring granularity with device CPU load on core switches.
- Document application-to-port mappings for non-standard services to ensure accurate traffic classification.
Module 2: Bandwidth Management and QoS Implementation
- Classify traffic into service tiers (e.g., real-time, transactional, background) using DSCP marking at the source.
- Configure hierarchical queuing on edge routers to enforce bandwidth limits per department or business unit.
- Deploy access control lists (ACLs) to prevent unauthorized DSCP tag manipulation by end-user devices.
- Test QoS policies under congestion scenarios using traffic shaping tools to simulate WAN link saturation.
- Align QoS configurations with SLAs from upstream ISPs, particularly for MPLS or SD-WAN circuits.
- Maintain a centralized QoS policy register to ensure consistency across multi-vendor network equipment.
Module 3: WAN Optimization and Link Aggregation
- Evaluate TCP optimization features (e.g., SACK, window scaling) against application behavior in high-latency links.
- Deploy WAN accelerators with deduplication at branch offices, considering cache size versus memory contention.
- Configure ECMP paths with consistent hashing algorithms to prevent out-of-order packet delivery.
- Integrate LTE failover links with dynamic routing metrics to ensure rapid convergence during primary link failure.
- Monitor compression ratios on encrypted traffic to assess the diminishing returns of WAN optimization.
- Coordinate MTU settings across all aggregation points to prevent fragmentation in jumbo frame environments.
Module 4: Network Virtualization and Overlay Design
- Select encapsulation protocols (e.g., VXLAN, GRE) based on underlay multicast support and hardware VTEP availability.
- Size VNI pools per tenant to accommodate future segmentation without exhausting the 24-bit namespace.
- Implement control plane separation between underlay and overlay using distinct routing protocols or controllers.
- Configure head-end replication limits for broadcast traffic in large-scale VXLAN environments.
- Enforce micro-segmentation policies at the hypervisor level to prevent lateral movement in multi-tenant clouds.
- Validate overlay tunnel stability under control plane stress using synthetic BFD probes.
Module 5: Routing Protocol Optimization
- Tune OSPF hello and dead intervals on low-bandwidth WAN links to reduce unnecessary adjacency churn.
- Design EIGRP stub routers at branch locations to minimize query propagation during topology changes.
- Implement route summarization at area boundaries to reduce LSDB size and SPF calculation frequency.
- Filter BGP routes based on AS path length and community tags to prevent suboptimal path selection.
- Configure dampening parameters for unstable BGP prefixes to suppress route flapping without delaying convergence.
- Validate routing table consistency across redundant route reflectors in large-scale deployments.
Module 6: Monitoring, Alerting, and Root Cause Analysis
- Define alert suppression rules for correlated events to reduce noise during network-wide outages.
- Integrate NetFlow and SNMP data into a time-series database for cross-layer performance correlation.
- Configure synthetic transaction tests (e.g., ICMP, DNS, HTTP) at intervals aligned with SLA reporting periods.
- Use flow-based anomaly detection to identify DDoS attacks or data exfiltration patterns.
- Implement role-based access to monitoring dashboards to restrict visibility based on operational responsibility.
- Archive raw packet captures for forensic analysis with retention policies aligned with compliance requirements.
Module 7: Change Management and Operational Governance
- Require pre-change network modeling to predict impact on routing convergence and QoS behavior.
- Enforce a maintenance window policy that coordinates with application teams for critical path services.
- Use version-controlled configuration management (e.g., Git) to track CLI changes across network devices.
- Conduct post-implementation reviews to document unintended side effects on traffic patterns.
- Standardize rollback procedures with automated scripts for failed firmware upgrades.
- Integrate network change logs with ITSM platforms to support audit and compliance reporting.
Module 8: Capacity Planning and Future-State Modeling
- Project bandwidth growth using historical utilization trends and business initiatives (e.g., cloud migration).
- Model the impact of video conferencing adoption on peak-hour link utilization across core-distribution layers.
- Assess hardware lifecycle data to schedule refresh cycles before performance degradation affects SLAs.
- Simulate network expansion scenarios using topology modeling tools before deploying new sites.
- Factor in power and cooling constraints when planning high-density switch deployments.
- Validate scalability of control plane protocols under projected node and prefix counts.