As promised, here is a follow-up on the lab hardware selection, I’ve decided to loosely follow the INE lab specification and acquired the following Cisco hardware:
- R1 2911-K9/SEC
- R2 2911-K9/SEC
- SW1 3750X-48P-S
- SW2 3560X-24T-S
- 2x ASAx 5515X
- LWAP 3602
- IP Phone A 7965G
- IP Phone B 7965G
In addition to physical Cisco hardware, the following virtual Windows machines and Cisco security appliances are part of the SCv5 Rack,
- (2) Cisco ACS (Access Control Server)
- (2) Cisco ASAv (Adaptive Security Appliances virtualized)
- (10) Cisco CSR (Cloud Services Router)
- (2) Cisco ISE (Identity Services Engine)
- (2) Cisco ESA (Email Security Appliance)
- (2) Cisco FMCv (Firepower Management Center virtualized)
- (2) Cisco FTDv (Firepower Threat Defense virtualized)
- (2) Cisco NGIPSv (Next Generation Intrusion Prevention System virtualized – aka Cisco Firepower)
- (2) Cisco WSA (Web Security Appliance)
- Test PC A (Windows 10 x64)
- Test Server A (Windows 2012 Server)
- Test PC B (Windows 10 x64)
- Test Server B (Windows 2012 Server)
- WiFi Test PC (Windows 10 x64)
To host all of the virtual machines needed for the lab I used a Dell Poweredge R720 Server with 2x E5-2650L v2 (10 Core/20 Threads) CPUs, 144GB RAM and 2TB NVMe for local storage.
For power management I went with a APC Switched PDU as this will allow me to remotely turn the lab on and off.
For console/terminal access I used an old Raritan KSX2-188.
Here is a quick rack layout of the equipment, actual picture to follow.
The lab is wired as per INE’s Wiring Diagram for simplicity, this may or may not change when I find more time to fiddle with the setup and decide on what training providers to follow.