Overview

This AWS Certified Advanced Networking – Specialty instructor-led training course is designed for those seeking to demonstrate their advanced networking skills on the AWS platform. The certification is intended for cloud professionals who design and implement AWS networks or those seeking to gain advanced AWS networking knowledge to further their cloud careers.

COURSE INSTRUCTOR: Faisal Khan
COURSE DIFFICULTY: Advanced
COURSE DURATION: 8h 43m

After completing this online training course, students will be able to:

  • Calculate CIDR
  • Create Security Groups
  • Create Virtual Private Clouds
  • Monitor and mirror VPC Traffic
  • Optimize network performance
  • Better understand the need for private connectivity
  • Better understand Transit Gateway
  • Better understand VPNs and their options with AWS
  • Better understand Public, Private, and Transit VIFs
  • Set up CloudFront
  • Set up network security
  • Utilize AWS Firewall services
  • Use Gateway Load Balancer

AWS Certified Advanced Networking – Specialty is intended for individuals who perform complex networking tasks with five years of hands-on experience architecting and implementing network solutions. Before you take this exam, AWS recommends you have:

  • Professional experience using AWS technology, AWS security best practices, AWS storage options and their underlying consistency models, and AWS networking nuances and how they relate to the integration of AWS services.
  • Knowledge of advanced networking architectures and interconnectivity options [e.g., IP VPN, multiprotocol label switching (MPLS), virtual private LAN service (VPLS)].
  • Familiarity with the development of automation scripts and tools. This should include the design, implementation, and optimization of the following: Routing architectures (including static and dynamic); multi-region solutions for a global enterprise; highly available connectivity solutions (e.g., AWS Direct Connect, VPN).
  • Knowledge of CIDR and subnetting (IPv4 and IPv6); IPv6 transition challenges; and generic solutions for network security features, including AWS WAF, intrusion detection systems (IDS), intrusion prevention systems (IPS), DDoS protection, and economic denial of service/sustainability (EDoS).

We recommend that attendees of this course have the following:

  • A current AWS Certified Cloud Practitioner or Associate-level AWS Certification
  • Two or more years of hands-on experience in maintaining and implementing large-scale networks
01. AWS Networking Overview
  • AWS VPC Fundamentals
  • How to Calculate CIDR
  • Subnets, Route Tables, and Internet Gateway
  • IP Addresses in VPC
  • Elastic Network Interface (ENI)
  • Security Groups
  • Network Access Control List
  • Virtual Private Clouds
  • Network Address Translation
  • Chapter 1 Review
02. AWS VPC Advanced Features
  • Extending VPC Address Space
  • Elastic Network Interfaces
  • VPC Traffic Monitoring
  • VPC Traffic Mirroring
  • VPC DNS and DHCP
  • EC2 Private and Public DNS Names
  • Custom Domain Name (Private)
  • More About DHCP Options Set
  • VPC Private DNS Resolution
  • Hybrid DNS Resolution
  • AWS to On-premises DNS Resolution
  • On-premises to AWS DNS Resolution
  • Bi-directional DNS resolution – Using Simple AD
  • Bi-directional DNS resolution – Using EC2 based DNS Resolver
  • VPC Network Performance and Optimization
  • Optimizing Network Performance
  • Enhanced Networking
  • Network Bandwidth Limits
  • Network I/O Credits
  • Chapter 2 Review
03. Private Connectivity Option in VPC
  • Why Do We Need Private Connectivity
  • VPC Peering
    • VPC Peering Demonstrations
  • Transit Gateway
  • Transit Gateway VPC Attachments
  • Transit Gateway Attachment Specific Routing
  • VPC & Subnet Design for Transit Gateway
  • Transit Gateway Connectivity Options and Architectures
  • Transit Gateway Hybrid Connectivity Options
  • VPC Peering vs Transit Gateway
  • VPC Endpoints
  • VPC Gateway Endpoint
    • VPC Gateway Endpoint Demo
  • VPC Gateway Endpoint and S3 Policies
  • VPC Gateway Endpoint Access From Remote Networks
  • VPC Interface Endpoint (PrivateLink)
  • VPC Interface Endpoint – Accessing AWS Services
  • VPC Interface Endpoint – Accessing Customer Service
  • VPC Interface Endpoint – DNS
  • VPC Interface Endpoint – Remote Access
  • VPC PrivateLink vs VPC Peering
04. Hybrid Network in AWS
  • Networking Basics – OSI Layer
  • How IPSec VPN works
  • VPN Routing – Static vs Dynamic
  • Dynamic Routing Using Border Gateway Protocol
  • AWS Site-to-site VPN
  • VPN NAT Traversal
  • VPN Route Propagations
  • VPN Transitive Routing
  • VPN Tunnels and Routing
  • VPN Dead Peer Detection
  • VPN Monitoring
  • AWS Site-to-site VPN Architectures
  • AWS Site-to-site VPN Cloud Hub
  • Amazon EC2 Based VPN
  • Amazon EC2 Based VPN – High Availability
  • Amazon EC2 Based VPN – Horizontal Scaling
  • VPN Scenarios
  • Transit VPC
  • AWS Site-to-site VPN – Appendix
  • AWS Client VPN
  • How to Set Up AWS Client VPN
05. AWS Direct Connect
  • What is Direct Connect
  • Direct Connect Components
  • DX Connection Types
  • Direct Connect Setup
    • DX Connection Creation Steps – Demo
  • DX Virtual Interfaces
  • VIF Parameters
  • Public VIF
  • Private VIF
  • Transit VIF
  • Direct Connect Gateway and Virtual Private Gateway
  • Creating DX Gateway Walkthrough
  • AWS DX Gateway and Transit Gateway
  • Routing Between Customer Sites
  • DX and Transit VPC
  • Direct Connect Routing Policies and BGP Communities
  • Public VIF Routing Policies
  • DX Connection Traffic Routing Scenarios Using Routing Policies for Public VIF
  • DX Route Advertisement Scenarios For Public VIF Using BGP Communities
  • Private VIF Routing Policies & BGP Communities
  • Link Aggregation Group
  • Resilient DX Connections
  • Direct Connect fast failover using BFD
  • Direct Connect Security
  • Direct Connect MTU & Jumbo Frames
  • Direct Connect Monitoring
  • Direct Connect Billing
  • Who pays for the DX Charges
  • Troubleshooting DX Issues
  • Chapter 5 Review
06. Introduction to the AWS Elastic Load Balancer
  • AWS Elastic Load Balancer
07. AWS CloudFront
  • AWS CloudFront – CDN Service
08. Amazon Route 53
  • Amazon Route 53
09. Amazon Network Security
  • Network Security
  • AWS Firewall Services
  • Web Application Firewall
  • AWS Shield
  • AWS Network Firewall
  • Other AWS Security Services – ACM, Route 53, DNSSEC, GuardDuty, Inspector
10. Gateway Load Balancer
  • Gateway Load Balancer
  • Gateway Load Balancer Architectures