Cisco Certified Specialist Enterprise Design Quick Facts (2025)

Exam Domain Breakdown

Domain 1: Advanced Addressing and Routing Solutions (25% of the exam)

1.1 Create structured addressing plans for IPv4 and IPv6

1.1 summary: This section focuses on developing efficient and hierarchical addressing plans that support scalability and simplicity in network growth. You will explore how careful IPv4 and IPv6 design minimizes fragmentation of address spaces and simplifies management. A structured plan ensures logical routing and reliable communication across complex enterprise environments.

Beyond assigning addresses, emphasis is on ensuring future-ready design choices. You will learn to integrate addressing strategies that align with subnetting best practices, facilitate seamless transitions between protocols, and enable adaptive modernization without jeopardizing network consistency or operational clarity.

1.2 Create stable, secure, and scalable routing designs for IS-IS

1.2 summary: This section examines IS-IS routing design for resilience and predictability in enterprise deployments. Core concepts include the use of hierarchical areas, route summarization, and filtering to maintain stability and minimize processing overhead. Key configuration principles help create sustainable structures that resist routing loops or instability.

You will also learn how IS-IS supports large-scale networks, emphasizing scalability and security enhancements through authentication options and adjacency management. Designing with IS-IS builds strong foundations for high availability across multi-area topologies.

1.3 Create stable, secure, and scalable routing designs for EIGRP

1.3 summary: This part centers on EIGRP design strategies that balance performance and manageability. You will study neighbor relationships, metric tuning, and multiprotocol support to construct networks that deliver predictable convergence and consistent routing outcomes. Mastering summarization and route filtering further enhances bandwidth efficiency.

The second focus is security and scalability within EIGRP environments. Through authentication configurations and route tagging, you ensure routes are validated and properly distinguished, maintaining the stability and trust required in complex enterprise networks.

1.4 Create stable, secure, and scalable routing designs for OSPF

1.4 summary: This section guides you in structuring OSPF networks that ensure reliability and clarity in routing decisions. You'll gain understanding of OSPF area design, LSAs, route summarization, and the role of redistribution in multi-protocol ecosystems. Smart area planning supports better performance and limits unnecessary routing updates.

Additionally, emphasis is placed on scalability through the use of diverse area types and route policies. By mastering OSPF design, you can build architectures that converge quickly, adapt easily, and deliver continuous availability across enterprise campuses and branches.

1.5 Create stable, secure, and scalable routing designs for BGP

1.5 summary: This section develops your understanding of BGP’s critical role in enterprise and edge connectivity. You’ll learn about address families, policy-based routing, and attributes that influence path preference. Topics like route reflectors, confederations, and load sharing offer insight into efficient large-scale route management.

Security and stability are naturally incorporated through proper filtering and path control. By grasping these techniques, you can design BGP implementations that scale gracefully, promote redundancy, and sustain optimized performance across distributed environments.

1.6 Determine IPv6 migration strategies

1.6 summary: This section explores practical methods for integrating IPv6 alongside IPv4. You will examine overlay tunneling, native dual-stack, and translation boundary techniques to ensure uninterrupted connectivity during migrations. Each approach is considered in relation to operational ease, scalability, and application performance.

Focus extends to managing coexistence strategies that preserve user experience while supporting long-term modernization goals. Understanding how to transition network services to IPv6 efficiently ensures you can guide organizations confidently through IP evolution.

Domain 2: Advanced Enterprise Campus Networks (25% of the exam)

2.1 Design campus networks for high availability

2.1 summary: This section emphasizes developing fault-tolerant campus topologies built on reliable switching, routing, and redundancy principles. You’ll analyze protocols like HSRP, VRRP, and GLBP along with mechanisms like NSF and BFD that maintain operational integrity during faults. These designs protect uptime and ensure seamless failover.

Furthermore, you will explore abstraction techniques that streamline configuration management and promote modularity across hardware platforms. The result is a resilient foundation capable of sustaining mission-critical enterprise services.

2.2 Design campus Layer 2 infrastructures

2.2 summary: This part focuses on building scalable and secure Layer 2 topologies. You’ll review STP optimization, loop-free mechanisms, Power over Ethernet considerations, and Wake-on-LAN support. Proper design fosters stability and accelerates convergence without compromising traffic flow.

Security and reliability are deepened through features like STP protection, VACLs, and port-based controls. These design practices safeguard wired networks and enable flexible yet protected data-plane operations in enterprise environments.

2.3 Design multicampus Layer 3 infrastructures

2.3 summary: This section dives into strategies for connecting multiple campuses under a unified Layer 3 framework. You’ll design solutions that leverage summarization, load-sharing, and redistribution for consistent control and predictable performance across geographic sites. Optimal topology selection enhances efficiency and reduces administrative complexity.

In addition, you will explore VRF segmentation for traffic isolation and review convergence best practices that enhance overall stability. Each decision strengthens inter-campus resilience while aligning with scalable enterprise growth.

2.4 Describe SD-Access Architecture (underlay, overlay, control and data plane, automation, wireless, and security)

2.4 summary: This section provides a conceptual view of Cisco SD-Access architectures. You’ll examine how underlay, overlay, and control planes collaborate to deliver automation, segmentation, and policy-driven security. Understanding these components enables the creation of agile and centrally managed network fabrics.

Attention is also given to automation workflows that simplify provisioning and integrate wireless and security domains seamlessly. By mastering SD-Access architecture, you accelerate deployment times and build adaptive enterprise ecosystems.

2.5 Describe SD-Access fabric design considerations for wired and wireless access (overlay, fabric design, control plan design, border design, segmentation, virtual networks, scalability, over the top and fabric for wireless, multicast)

2.5 summary: This section explores design principles that shape effective SD-Access fabrics. You will evaluate overlay behavior, border roles, and segmentation strategies to create isolated virtualized domains that enhance security and management simplicity. Achieving balance between scalability and performance remains the core objective.

The second focus is extending SD-Access benefits beyond wired infrastructure to wireless networks. Understanding multicast and design scalability ensures uniform policy enforcement and optimal user mobility inside the fabric.

Domain 3: WAN for Enterprise Networks (20% of the exam)

3.1 Describe WAN connectivity options for on-premises, hybrid, and cloud solutions

3.1 summary: This section introduces WAN technologies including MPLS, Metro Ethernet, DWDM, and SD-WAN approaches. By comparing characteristics like bandwidth, latency, and reliability, you select solutions that align best with enterprise connectivity needs. Each WAN type supports distinct deployment environments, from private to hybrid cloud.

In addition to technology review, emphasis is placed on matching design choices to business strategy. You’ll gain insight into evaluating connectivity for scalability and cost efficiency while ensuring smooth integration with the enterprise backbone.

3.2 Design site-to-site VPN for on-premises, hybrid, and cloud solutions

3.2 summary: This section focuses on designing secure VPN topologies such as IPsec, GRE, DMVPN, and GET VPN. Understanding their behaviors supports the creation of encrypted yet performant connectivity between distributed sites. It enhances privacy, control, and guardianship of data flows across the organization.

Moreover, you’ll learn to identify when different approaches fit business models, whether cloud-driven or site-based. Integrating these designs through cohesive policy ensures secure, future-ready hybrid connectivity.

3.3 Design high availability for enterprise WAN for on-premises, hybrid, and cloud solutions

3.3 summary: Here you will explore redundancy and load-sharing techniques using multiple links, diverse providers, and failover methodologies. Planning both single-homed and multihomed architectures maintains uninterrupted service delivery during outages. Each design supports adaptable resilience without sacrificing efficiency.

The section also addresses proactive design testing and failover validation to guarantee responsiveness during disruptions. High availability principles ensure that business operations remain continuous even as network paths adjust dynamically.

3.4 Describe Cisco SD-WAN architecture (orchestration plane, management plane, control plane, data plane, on-boarding and provisioning, security)

3.4 summary: This section provides an overview of Cisco SD-WAN architecture components, focusing on the collaboration among orchestration, control, management, and data planes. Understanding each function enables you to design flexible overlay networks that simplify deployment and monitoring.

Security is deeply embedded through segmentation, policy enforcement, and encrypted communication channels. By mastering this architecture, you enable enterprises to achieve agility and visibility from edge to cloud.

3.5 Describe Cisco SD-WAN design considerations (control plane design, overlay design, LAN design, high availability, redundancy, scalability, security design, QoS and multicast over SD-WAN fabric)

3.5 summary: You’ll explore design considerations that ensure optimal SD-WAN performance at scale. Core topics include control plane stability, security, redundancy, and overlay optimization to maintain steady traffic flow. Consistent designs enable predictable connectivity across regions and service providers.

Additionally, you will study QoS strategies and multicast handling within SD-WAN fabrics, aligning traffic priorities with application performance. Mastery of these design aspects leads to networks capable of adapting dynamically to changing workloads and demands.

Domain 4: Network Services (20% of the exam)

4.1 Select QoS strategies to meet customer requirements (DiffServ, IntServ)

4.1 summary: This section emphasizes choosing suitable QoS strategies that align with application performance goals. You’ll learn how DiffServ and IntServ models shape traffic priority and resource reservation. Applying these frameworks ensures critical services retain optimal performance levels across the enterprise.

In addition, this section encourages evaluating user patterns and application demands to fine-tune queue management. Proper design ensures graceful handling of congestion and preserves quality for high-demand workloads.

4.2 Design end-to-end QoS policies

4.2 summary: This section delves into policy development that spans across network boundaries. You’ll master classification, marking, shaping, policing, and queuing to control traffic behavior. Effective policy enforcement ensures consistent experiences for real-time and mission-critical applications.

Further coverage emphasizes modular QoS design that adapts to changing environments. By implementing unified policies across wired, wireless, and WAN segments, you preserve predictability throughout enterprise operations.

4.3 Design network management techniques

4.3 summary: This section guides you in building reliable out-of-band and in-band management networks that ensure uptime and security. Segmented management channels protect administrative operations and prioritize monitoring traffic for responsiveness.

You’ll also focus on balancing scalability and simplicity in monitoring designs. Integrating techniques for proactive visibility strengthens troubleshooting workflows and promotes reliable infrastructure oversight.

4.4 Describe multicast routing concepts (source trees, shared trees, RPF, rendezvous points)

4.4 summary: This section introduces the principles that underpin multicast routing. You’ll gain insights into the distinctions between source and shared trees, and how Reverse Path Forwarding guarantees loop-free data delivery. Recognizing the function of rendezvous points enhances distribution efficiency.

Through these foundations, you’ll understand how multicast routing supports bandwidth conservation and synchronized data delivery. This knowledge supports scalable media and application distribution strategies across diverse environments.

4.5 Design multicast services (SSM, PIM bidirectional, MSDP, service-reflection)

4.5 summary: This section extends multicast concepts into real-world service design. By exploring Source-Specific Multicast and PIM bidirectional options, you’ll learn to tailor architectures for specific traffic patterns and reliability goals. These solutions balance scalability with performance in large deployments.

You will also assess interdomain coordination through MSDP and service-reflection techniques. Combined, these elements support high-performance, synchronized communication streams optimized for enterprise applications.

Domain 5: Automation and Artificial Intelligence (10% of the exam)

5.1 Differentiate between IETF, OpenConfig, and Cisco YANG models

5.1 summary: This section introduces data modeling standards used in network automation. You’ll learn how IETF, OpenConfig, and Cisco YANG models structure device configuration and monitoring data, enabling consistent automation across platforms. Understanding each model’s intent simplifies API-driven management.

By differentiating their roles, you’ll see how model standardization reduces complexity and promotes vendor-neutral orchestration. Adoption of these models supports operational efficiency and adaptability.

5.2 Differentiate between NETCONF and RESTCONF

5.2 summary: This section explores transport mechanisms used for programmatic configuration. You’ll examine how NETCONF and RESTCONF provide secure, structured communication channels for managing network devices. Each protocol serves different APIs and operational approaches suited to automation goals.

You will also learn to align protocol selection with existing management infrastructure. Recognizing their distinctions enhances your flexibility in developing consistent configuration workflows.

5.3 Describe the impact of model-driven telemetry on the network

5.3 summary: This section explains how adopting model-driven telemetry transforms network monitoring. You’ll understand the differences between periodic and on-change publication models and their effects on data freshness and network efficiency.

Implementing telemetry ensures high-fidelity visibility into operational behaviors. These insights empower faster decision-making and more proactive network performance optimization.

5.4 Describe GRPC and GNMI

5.4 summary: This section highlights protocols enabling efficient and scalable streaming communication. You’ll explore how gRPC and gNMI support bidirectional data exchange for advanced telemetry and configuration. Their use facilitates near real-time responsiveness within automation frameworks.

The focus extends to integration across modern controllers and orchestrators. Familiarity with these capabilities lets you design streamlined automation pipelines that simplify operational transparency.

5.5 Describe cloud connectivity options such as direct connect, cloud on ramp, MPLS direct connect, and WAN integration

5.5 summary: This section presents key methods for connecting enterprise networks to cloud environments. You’ll contrast options like direct connect, cloud on-ramp, and MPLS integration to find optimal combinations of performance and cost efficiency. Each approach emphasizes secure and dependable connections to hybrid ecosystems.

Additionally, you’ll broaden your perspective on aligning connectivity with application placement and multi-cloud strategies. This understanding strengthens enterprise agility by blending on-premises and cloud networks cohesively.

5.6 Describe cloud-based services model in private, public, and hybrid deployments (SaaS, PaaS, IaaS)

5.6 summary: This section reviews cloud service models to clarify deployment and management distinctions. You’ll study how SaaS, PaaS, and IaaS deliver different levels of control, flexibility, and operational simplicity within enterprise architectures. Recognizing these relationships helps optimize workload placement.

You’ll also discover how selecting appropriate service models supports cost-efficiency and scalability. Integrating cloud services into enterprise designs creates infrastructure that adjusts readily to evolving digital demands.