Cisco Security

Course Description 

The Designing Cisco Security Infrastructure (SDSI) training teaches you about security architecture design, including secure infrastructure, applications, risk, events, requirements, artificial intelligence (AI), automation, and DevSecOps.

This training prepares you for the 300-745 SDSI v1.0 exam. If passed, you earn the Cisco Certified Specialist – Designing Cisco Security Infrastructure certification and satisfy the concentration exam requirement for the Cisco Certified Network Professional (CCNP) Security certification. This training also earns you 41 Continuing Education (CE) credits toward recertification. 

How You'll Benefit

This training will help you:
Gain hands-on experience of security architecture design
Qualify for professional and expert-level security job roles
Prepare for the 300-745 SDSI v1.0 exam
Earn 41 CE credits toward recertification

Who Should Enroll

Cisco and Partner’s Systems Engineers
Customer Network & Infrastructure Engineers
Customer Security/NOC Engineers

What to Expect in the Exam

Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 is a 90-minute exam associated with the Cisco Certified Specialist - Designing Cisco Security Infrastructure certification and satisfies the core exam requirement for the CCNP Security certification.
This exam tests your knowledge of security architecture design, including:
Secure infrastructure
Applications
Risk
Events
Requirements
Artificial intelligence and Automation
DevSecOps

Course Objectives

Identify and explain the fundamental concepts of security architecture and how they support the design, building, and maintenance of a secure infrastructure
Identify the layers of security infrastructure, core security technologies, and infrastructure concepts
Explain how security designs principles contribute to secure infrastructure
Identify and discuss security design and management frameworks that can be used for infrastructure security design
Explain the importance of and methods for enforcement of regulatory compliance in security design
Identify tools that enable detection and response to infrastructure security incidents
Explain various strategies that can be implemented to modify traditional security architectures to meet the technical requirements of modern enterprise networks
Implement secure network access methods, such as 802.1X, MAC Authentication Bypass (MAB), and web-based authentication
Describe security technologies that can be applied to enterprise Wide Area Network (WAN) connections
Compare methods to secure network management and control plane traffic
Compare the differences between traditional firewalls and next-gen firewalls (NGFWs) and identify the advanced features that NGFWs provide
Explain how web application firewalls (WAFs) secure web applications from threats
Describe the key features and best practices for deploying intrusion detection system (IDS) and intrusion prevention system (IPS) as part of the enterprise infrastructure security design
Explain how endpoints and services in cloud-native or microservice environments can be protected with host-based or distributed firewalls
Discuss security technologies that address application data and data that is in transit
Identify several security solutions for cloud-native applications, microservices, and containers
Explain how technology advancements allow for improvements in today’s infrastructure security
Identify tools that enable detection and response to infrastructure security incidents
Describe frameworks and controls to access and mitigate security risks for infrastructure
Explain how to make security adjustments following a security incident
Identify DevSecOps integrations that improve security management and response
Discuss how to ensure that automated services are secure
Discuss how AI can aid in threat detection and response

Course Prerequisites

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
Cisco CCNP Security or equivalent knowledge
Familiarity with Microsoft Windows Operating Systems
Familiarity with the Cisco Security portfolio

These skills can be found in the following Cisco Learning Offerings:
Implementing and Operating Cisco Security Core Technologies (SCOR)
Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPF) 
Implementing and Configuring Cisco Identity Services Engine (SISE)
Designing and Implementing Secure Cloud Access for Users and Endpoints (SCAZT)
Advanced Techniques for Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPA)
Implementing Automation for Cisco Security Solutions (SAUI)
Implementing Secure Solutions with Virtual Private Networks (SVPN)
Introducing Automation for Cisco Solutions (CSAU)
Securing Email with Cisco Email Security Appliance (SESA)
Securing the Web with Cisco Web Security Appliance (SWSA)

Course Outline

Definition and Purpose of Security Architecture
Components of Security Infrastructure
Security Design Principles
Security and Design Frameworks
Compliance and Regulatory Requirements
Security Approaches to Protect Against Threats
Modify the Security Architecture to Meet Technical Requirements
Network Access Security
VPN and Tunneling Solutions
Secure Infrastructure Management and Control Planes
Nextgen Firewalls
Web Application Firewall (WAF)
IPS/IDS Deployment
Host-Based Firewalls and Distributed Firewalls
Security Solutions Based on Application and Flow Data
Security for Cloud-Native Applications, Microservices, and Containers
Emerging Technologies in Application Security
SOC Tools for Incident Handling and Response
Modify Design to Mitigate Risk
Incident-Driven Security Adjustments
DevSecOps Integration
Secure Automated Workflows and Pipelines
AI’s Role in Securing Infrastructure

Course Overview

The Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 course teaches you to deploy and use Cisco® Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and apply Cisco ISE capabilities to support use cases for Zero Trust security posture. These use cases include tasks such as policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and Terminal Access Controller Access Control Server (TACACS+) device administration. Through hands-on practice via lab exercises, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency. This course helps you prepare to take the Implementing and Configuring Cisco Identity Services Engine (300-715 SISE) exam, which leads to CCNP® Security and the Cisco Certified Specialist — Security Identity Management Implementation certifications. This course also earns you 40 Continuing Education (CE) credits toward recertification

How You’ll Benefit

This class will help you use Cisco ISE to:
Develop and implement SASE architecture
Understand application of ISE capabilities towards development of a Zero Trust approach
Enable BYOD and guest access
Centrally configure and manage posture, authentication, and authorization services in a single webbased GUI console
Gain leading-edge career skills for high-demand job roles and responsibilities focused on enterprise security
Earn 40 CE credits toward recertification

Who should attend

Network security engineers
Network security architects
ISE administrators
Senior Security Operations Center (SOC) personnel responsible for Incidence Response
Cisco integrators and partners

Prerequisites

To fully benefit from this course, you should have the following knowledge:
Familiarity with the Cisco IOS® Software Command-Line Interface (CLI) for wired and wireless devices
Familiarity with Cisco AnyConnect® Secure Mobility Client
Familiarity with Microsoft Windows operating systems
Familiarity with 802.1X

Course Objectives

After taking this course, you should be able to:
Describe the Cisco Identity Services Engine (ISE)
Explain Cisco ISE deployment
Describe Cisco ISE policy enforcement components
Describe Cisco ISE policy configuration
Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support
Configure guest access
Configure hotspots and guest portals
Describe the Cisco ISE profiler services
Describe profiling best practices and reporting
Configure a Cisco ISE BYOD solution
Configure endpoint compliance
Configure client posture services
Configure Cisco ISE device administration
Describe Cisco ISE TrustSec configurations

Outline

Introducing Cisco ISE Architecture
Introducing Cisco ISE Deployment
Introducing Cisco ISE Policy Enforcement Components
Introducing Cisco ISE Policy Configuration
Troubleshooting Cisco ISE Policy and Third-Party NAD Support
Introducing Web Authentication and Guest Services
Configuring Hotspots and Guest Portals
Introducing the Cisco ISE Profiler
Introducing Profiling Best Practices and Reporting
Configuring Cisco ISE BYOD
Introducing Cisco ISE Endpoint Compliance Services
Configuring Client Posture Services and Compliance
Working With Network Access Devices
Exploring Cisco TrustSec

Lab Topology

Configure Initial Cisco ISE Setup and System Certificate Usage
Integrate Cisco ISE with Active Directory
Configure Cisco ISE Policy for MAC Authentication Bypass (MAB)
Configure Cisco ISE Policy for 802.1X
Configure Guest Access
Configure Hotspot and Self-Registered Guest Access
Configure Sponsor-Approved and Fully Sponsored Guest Access
Create Guest Reports
Configure Profiling
Customize the Cisco ISE Profiling Configuration
Create Cisco ISE Profiling Reports
Configure BYOD
Manage a Lost or Stolen BYOD Device
Configure Cisco ISE Compliance Services
Configure Client Provisioning
Configure Posture Policies
Test and Monitor Compliance-Based Access
Configure Cisco ISE for Basic Device Administration
Configure Cisco ISE Command Authorization
Configure Cisco TrustSec

Course Description 

The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA), which leads to CCNP® Security and the Cisco Certified Specialist - Web Content Security. This course also earns you 16 Continuing Education (CE) credits towards recertification.

How You'll Benefit

This class will help you:
Implement Cisco WSA to secure web gateways, provide malware protection, and use policy controls to address the challenges of securing and controlling web traffic
Gain valuable hands-on skills focused on web security
Earn 16 CE credits toward recertification

Who Should Enroll

Security architects
System designers
Network administrators
Operations engineers
Network managers, network or security technicians, and security engineers and managers responsible for web security
Cisco integrators and partners

What to Expect in the Exam

This exam certifies your knowledge of Cisco Web Security Appliance including proxy services, authentication, decryption policies, differentiated traffic access policies and identification policies, acceptable use control settings, malware defense, and data security and data loss prevention.

After you pass 300-725 SWSA:
You earn the Cisco Certified Specialist - Web Content Security certification.
You will have satisfied the concentration exam requirement for new the CCNP Security certification. To complete CCNP Security, you also need to pass the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam or its equivalent.

Course Objectives

After taking this course, you should be able to:
Describe Cisco WSA
Deploy proxy services
Utilize authentication
Describe decryption policies to control HTTPS traffic
Understand differentiated traffic access policies and identification profiles
Enforce acceptable use control settings
Defend against malware
Describe data security and data loss prevention
Perform administration and troubleshooting

Course Prerequisites

To fully benefit from this course, you should have knowledge of these topics:
TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
IP routing

You are expected to have one or more of the following basic technical competencies or equivalent knowledge:
Cisco certification (CCENT certification or higher)
Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC-Council), Global Information Assurance Certification (GIAC), ISACA]
Cisco Networking Academy letter of completion (CCNA® 1 and CCNA 2)
Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)

Course Outline

Describing Cisco WSA
Deploying Proxy Services
Utilizing Authentication
Creating Decryption Policies to Control HTTPS Traffic
Understanding Differentiated Traffic Access Policies and Identification Profiles
Defending Against Malware
Enforcing Acceptable Use Control Settings
Data Security and Data Loss Prevention
Performing Administration and Troubleshooting
References

Lab Outline

Configure the Cisco Web Security Appliance
Deploy Proxy Services
Configure Proxy Authentication
Configure HTTPS Inspection
Create and Enforce a Time/Date-Based Acceptable Use Policy
Configure Advanced Malware Protection
Configure Referrer Header Exceptions
Utilize Third-Party Security Feeds and MS Office 365 External Feed
Validate an Intermediate Certificate
View Reporting Services and Web Tracking
Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA

Course Description 

The Securing Email with Cisco Email Security Appliance (SESA) training shows you how to deploy and use Cisco® Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management. This hands-on training provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities, such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention.

This training prepares you for the 300-720 SESA v1.1 exam. If passed, you earn the Cisco Certified Specialist – Email Content Security certification and satisfy the concentration exam requirement for the CCNP Security certification. This training also earns you 24 Continuing Education (CE) credits towards recertification.

How You'll Benefit

This training will help you:
Deploy high-availability email protection against the dynamic, rapidly changing threats affecting your organization
Gain leading-edge career skills focused on enterprise security
Prepare for the 300-720 SESA v1.1 exam
Earn 24 CE credits toward recertification

Who Should Enroll

Security Engineers
Security Administrators
Security Architects
Operations Engineers
Network Engineers
Network Administrators
Network or Security Technicians
Network Managers
System Designers
Cisco Integrators and Partners

Course Objectives

Describe and administer the Cisco Email Security Appliance
Control sender and recipient domains
Control spam with Talos SenderBase and anti-spam
Use anti-virus and outbreak filters
Use mail policies
Use content filters
Use message filters
Prevent data loss
Perform lightweight directory access protocol (LDAP) queries
Authenticate simple mail transfer protocol (SMTP) sessions
Authenticate email
Encrypt email
Use system quarantines and delivery methods
Perform centralized management using clusters
Test and troubleshoot

Course Prerequisites

The basic technical competencies you are expected to have before attending this training are:
Cisco certification, such as Cisco Certified Support Technician (CCST) Cybersecurity certification or higher
Relevant industry certification, such as (ISC)2, CompTIA Security+, EC-Council, Global Information Assurance Certification (GIAC), and ISACA
Cisco Networking Academy letter of completion (CCNA® 1 and CCNA 2)
Windows expertise, such as Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Systems Engineer (MCSE)], and CompTIA (A+, Network+, Server+)

The knowledge and skills you are expected to have before attending this training are:
Transmission control protocol/internet protocol (TCP/IP) services, including domain name system (DNS), secure shell (SSH), file transfer protocol (FTP), simple network management protocol (SNMP), hypertext transfer protocol (HTTP), and hypertext transfer protocol secure (HTTPS)
Experience with IP routing

Course Outline

Describing the Cisco Email Security Appliance
Controlling Sender and Recipient Domains
Controlling Spam with Talos SenderBase and Anti-Spam
Using Anti-Virus and Outbreak Filters
Using Mail Polices
Using Content Filters
Using Message Filters
Preventing Data Loss
Using LDAP
Describing SMTP Session Authentication
Using Email Authentication
Using Email Encryption
Administering the Cisco Email Security Appliance
Using System Quarantines and Delivery Methods
Centralizing Management Using Clusters
Testing and Troubleshooting

Lab Outline

Verify and Test Cisco ESA Configuration
Advanced Malware in Attachments (Macro Detection)
Protect Against Malicious or Undesirable URLs Beneath Shortened URLs
Protect Against Malicious or Undesirable URLs Inside Attachments
Intelligently Handle Unscannable Messages
Leverage AMP Cloud Intelligence Via Pre-Classification Enhancement
Integrate Cisco ESA with AMP Console
Prevent Threats with Anti-Virus Protection
Applying Outbreak Filters
Configure Attachment Scanning
Configure Outbound Data Loss Prevention
Integrate Cisco ESA with LDAP and Enable the LDAP Accept Query
Domain Keys Identified Mail (DKIM)
Sender Policy Framework (SPF)
Forged Email Detection
Perform Basic Administration
Configure the Cisco Secure Email and Web Manager for Tracking and Reporting

Course Description

The Implementing and Operating Cisco Security Core Technologies (SCOR) training helps you gain the skills and technologies needed to implement core Cisco security solutions. This training will ready you to provide advanced threat protection against cybersecurity attacks and prepare you for senior-level security roles.

This training prepares you for the 350-701 SCOR v1.1 exam. If passed, you earn the Cisco Certified Specialist - Security Core certification and satisfy the core exam requirement for the Cisco Certified Network Professional (CCNP) Security and Cisco Certified Internetwork Expert (CCIE) Security certifications. This training also earns you 64 Continuing Education (CE) credits toward recertification.

How You'll Benefit

This training will help you:
Gain hands-on experience implementing core security technologies and learn best practices using Cisco security solutions
Qualify for professional and expert-level security job roles
Prepare for the 350-701 SCOR v1.1 exam
Earn 64 CE credits toward recertification

Who Should Enroll

Security Engineers
Network Engineers
Network Designers
Network Administrators
Systems Engineers
Consulting Systems Engineers
Technical Solutions Architects
Cisco Integrators and Partners
Network Managers
Program Managers
Project Managers

What to Expect in the Exam

Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) v1.1 is a 120-minute exam associated with the Cisco Certified Specialist - Security Core certification and satisfies the core exam requirement for the CCNP Security and CCIE Security certifications.

This exam tests your knowledge of implementing and operating core security technologies, including:
Network security
Cloud security
Content security
Endpoint protection and detection
Secure network access
Visibility and enforcement

Course Objectives

Describe information security concepts and strategies within the network
Describe security flaws in the transmission protocol/internet protocol (TCP/IP) and how they can be used to attack networks and hosts
Describe network application-based attacks
Describe how various network security technologies work together to guard against attacks
Implement access control on Cisco Secure Firewall Adaptive Security Appliance (ASA)
Deploy Cisco Secure Firewall Threat Defense basic configurations
Deploy Cisco Secure Firewall Threat Defense IPS, malware, and fire policies
Deploy Cisco Secure Email Gateway basic configurations
Deploy Cisco Secure Email Gateway policy configurations
Describe and implement basic web content security features and functions provided by Cisco Secure Web Appliance
Describe various attack techniques against the endpoints
Describe Cisco Umbrella® security capabilities, deployment models, policy management, and Investigate console
Provide basic understanding of endpoint security and be familiar with common endpoint security technologies
Describe Cisco Secure Endpoint architecture and basic features
Describe Cisco Secure Network Access solutions
Describe 802.1X and extensible authentication protocol (EAP) authentication
Configure devices for 802.1X operations
Introduce VPNs and describe cryptography solutions and algorithms
Describe Cisco secure site-to-site connectivity solutions
Deploy Cisco Internetwork Operating System (Cisco IOS®) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs
Configure point-to-point IPsec VPNs on the Cisco Secure Firewall ASA and Cisco Secure Firewall Threat Defense
Describe Cisco secure remote access connectivity solutions
Deploy Cisco secure remote access connectivity solutions
Provide an overview of network infrastructure protection controls
Examine various defenses on Cisco devices that protect the control plane
Configure and verify Cisco IOS software layer 2 data plane controls
Configure and verify Cisco IOS software and Cisco ASA layer 3 data plane controls
Examine various defenses on Cisco devices that protect the management plane
Describe the baseline forms of telemetry recommended for network infrastructure and security devices
Describe deploying Cisco Secure Network Analytics
Describe basics of cloud computing and common cloud attacks
Describe how to secure cloud environment
Describe the deployment of Cisco Secure Cloud Analytics
Describe basics of software-defined networks and network programmability

Course Prerequisites

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
Familiarity with Ethernet and TCP/IP networking
Working knowledge of the Windows operating system
Working knowledge of Cisco IOS networking and concepts
Familiarity with basics of networking security concepts

These skills can be found in the following Cisco Learning Offering:
Implementing and Administering Cisco Solutions (CCNA®)

Course Outline

Network Security Technologies
Cisco Secure Firewall ASA Deployment
Cisco Secure Firewall Threat Defense Basics
Cisco Secure Firewall Threat Defense IPS, Malware, and File Policies
Cisco Secure Email Gateway Basics
Cisco Secure Email Policy Configuration
Cisco Secure Web Appliance Deployment
VPN Technologies and Cryptography Concepts
Cisco Secure Site-to-Site VPN Solutions
Cisco IOS VTI-Based Point-to-Point IPsec VPNs
Point-to-Point IPsec VPNs on the Cisco Secure Firewall ASA and Cisco Secure Firewall Threat Defense
Cisco Secure Remote-Access VPN Solutions
Remote-Access SSL VPNs on the Cisco Secure Firewall ASA and Cisco Secure Firewall Threat Defense
Describing Information Security Concepts
Describe Common TCP/IP Attacks
Describe Common Network Application Attacks
Common Endpoint Attacks
Cisco Umbrella Deployment
Endpoint Security Technologies
Cisco Secure Endpoint
Cisco Secure Network Access Solutions
802.1X Authentication
802.1X Authentication Configuration
Network Infrastructure Protection
Control Plane Security Solutions
Layer 2 Data Plane Security Controls
Layer 3 Data Plane Security Controls
Management Plane Security Controls
Traffic Telemetry Methods
Cisco Secure Network Analytics Deployment
Cloud Computing and Cloud Security
Cloud Security
Cisco Secure Cloud Analytics Deployment
Software-Defined Networking

Lab Outline

Configure Network Settings and NAT on Cisco Secure Firewall ASA
Configure Cisco Secure Firewall ASA Access Control Policies
Configure Cisco Secure Firewall Threat Defense NAT
Configure Cisco Secure Firewall Threat Defense Access Control Policy
Configure Cisco Secure Firewall Threat Defense Discovery and IPS Policy
Configure Cisco Secure Firewall Threat Defense Malware and File Policy
Configure Listener, HAT, and RAT on Cisco Email Secure Email Gateway
Configure Cisco Secure Email Policies
Configure Proxy Services, Authentication, and HTTPS Decryption
Enforce Acceptable Use Control and Malware Protection
Configure Static VTI Point-to-Point IPsec IKEv2 Tunnel
Configure Point-to-Point VPN between Cisco Secure Firewall Threat Defense Devices
Configure Remote Access VPN on the Cisco Secure Firewall Threat Defense
Examine Cisco Umbrella Dashboard and DNS Security
Examine Cisco Umbrella Secure Web Gateway and Cloud-Delivered Firewall
Explore Cisco Umbrella CASB Functionalities
Explore Cisco Secure Endpoint
Perform Endpoint Analysis Using Cisco Secure Endpoint Console
Explore File Ransomware Protection by Cisco Secure Endpoint Console
Explore Secure Network Analytics v7.4.2
Explore Global Threat Alerts Integration and ETA Cryptographic Audit
Explore Cloud Analytics Dashboard and Operations
Explore Secure Cloud Private and Public Cloud Monitoring

Course Description 

The Implementing Secure Solutions with Virtual Private Networks (SVPN) training teaches you how to implement, configure, monitor, and support enterprise virtual private network (VPN) solutions. Through a combination of lessons and hands-on experiences, you will acquire the knowledge and skills to deploy and troubleshoot traditional internet protocol security (IPsec), dynamic multipoint virtual private network (DMVPN), FlexVPN, and remote access VPN to create secure and encrypted data, remote accessibility, and increased privacy.

This training prepares you for the 300-730 SVPN v1.1 exam. If passed, you earn the Cisco Certified Specialist – Network Security VPN Implementation certification and satisfy the concentration exam requirement for the CCNP Security certification. This training also earns you 40 Continuing Education (CE) credits towards recertification.

How You'll Benefit

This training will help you:
Acquire the knowledge and skills to enhance internet privacy, speed, and performance
Gain hands-on experience using the tools to ensure premium data security
Prepare for the 300-730 SVPN v1.1 exam
Earn 40 CE credits toward recertification

Who Should Enroll

Network Security Engineers
CCNP Security Candidates
Channel Partners
Cisco Customers

What to Expect in the Exam

Implementing Secure Solutions with Virtual Private Networks (300-730 SVPN v1.1) is a 90-minute exam associated with the Cisco Certified Specialist – Network Security VPN Implementation certification and satisfies the concentration exam requirement for the CCNP Security certification.

The exam tests your knowledge of implementing secure remote communications with VPN solutions, including:
Secure communications
Architectures
Troubleshooting

Course Objectives

Introduce site-to-site VPN options available on Cisco router and firewalls
Introduce remote access VPN options available on Cisco router and firewalls
Review site-to-site and remote access VPN design options
Review troubleshooting processes for various VPN options available on Cisco router and firewalls

Course Prerequisites

The knowledge and skills you are expected to have before attending this training are:
Familiarity with the various Cisco router and firewall command modes
Experience navigating and managing Cisco routers and firewalls
Clear understanding of the benefits of site-to-site and remote access VPN options
These skills can be found in the following Cisco Learning Offerings:
Implementing and Administering Cisco Solutions (CCNA®)
Implementing and Operating Cisco Security Core Technologies (SCOR)

Course Outline

Introducing VPN Technology Fundamentals
Implementing Site-to-Site VPN Solutions
Implementing Cisco IOS Site-to-Site Flex VPN Solutions
Implement Cisco IOS GET VPN Solutions
Implementing Cisco AnyConnect VPNs
Implementing Clientless VPNs

Lab Outline

Explore IPsec Technologies
Implement and Verify Cisco IOS Point-to-Point VPN
Implement and Verify Cisco ASA Point-to-Point VPN
Implement and Verify Cisco IOS VTI VPN
Implement and Verify DMVPN
Troubleshoot DMVPN
Implement and Verify FlexVPN with Smart Defaults
Implement and Verify Point-to-Point FlexVPN
Implement and Verify Hub-and-Spoke FlexVPN
Implement and Verify Spoke-to-Spoke FlexVPN
Troubleshoot Cisco IOS FlexVPN
Implement and Verify AnyConnect TLS VPN on ASA
Implement and Verify Advanced AAA on Cisco AnyConnect VPN
Implement and Verify Clientless VPN on ASA

Длительность обучения:

Instructor-led training: 1 day in the classroom
Virtual instructor-led training: 1 day of web-based classes
E-learning: Equivalent of 1 day of instruction with hands-on lab practice

Кому следует посетить:

This course benefits cloud consumers and administrators of public cloud, private cloud, and hybrid cloud infrastructures:
Security architects
Cloud architects
Network engineers and administrators
System engineers and adminstrators
Cloud security consumers
Cloud application administrators
IT managers
Line of business managers
Cisco integrators and partners

Предварительные требования:

This course has no prerequisites, but you’ll get the most from the course if you have the following knowledge and skills:
Basic computer literacy
Basic PC operating system navigation skills
Basic Internet usage skills
Basic IP address knowledge
We also recommend that you have the following skills:
Prior knowledge of cloud computing and virtualization software basics

Программа курса:

After taking this course, you should be able to:

Describe public, private, and hybrid cloud models, concepts, and design
Explain the concepts and components for securing cloud environments
Describe Cisco security offerings for Amazon Web Services (AWS)
Define methods to secure SaaS application usage

Дополнительно:

This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos

Длительность обучения:

Instructor-led training: 4 days in the classroom with hands-on lab practice
Virtual instructor-led training: 4 days of web-based classes with hands-on lab practice
E-learning: Equivalent of 4 days of instruction with videos, practice, and challenges

Кому следует посетить:

This course is open to engineers, administrators, and security-minded users of public, private, and hybrid cloud infrastructures responsible for implementing security in cloud environments:
Security architects
Cloud architects
Security engineers
Cloud engineers
System engineers
Cisco integrators and partners

Предварительные требования:

To fully benefit from this course, you should have completed the following course or obtained the equivalent knowledge and skills:
Knowledge of cloud computing and virtualization software basics
Ability to perform basic UNIX-like OS commands
Cisco CCNP® security knowledge or understanding of the following topic areas:
Topic areas/Available in these courses
Cisco Adaptive Security Appliance (ASA) and Adaptive Security Virtual Appliance (ASAv) deployment, and Cisco IOS® Flexible NetFlow operations/Implementing Cisco Edge Network Security Solutions (SENSS)
Cisco NGFW (Cisco Firepower Threat Defense [FTD]), Cisco Firepower, and Cisco Firepower Management Center (FMC) deployment
Cisco Content Security operations including Cisco Web Security Appliance (WSA)/ Cisco Email Security Appliance (ESA)/Cisco Cloud Web Security (CWS)Cisco AMP for network and endpoints deployment/Implementing Cisco Threat Control Solutions (SITCS)
Cisco ISE operations and Cisco TrustSec architecture/Implementing Cisco Secure Access Solutions (SISAS)
VPN operation/Implementing Cisco Secure Mobility Solutions (SIMOS)

Программа курса:

After taking this course, you should be able to:
Contrast the various cloud service and deployment models
Implement the Cisco Security Solution for SaaS using Cisco Cloudlock Micro Services
Deploy cloud security solutions using Cisco AMP for Endpoints, Cisco Umbrella, and Cisco Cloud Email Security
Define Cisco cloud security solutions for protection and visibility using Cisco virtual appliances and Cisco Stealthwatch Cloud
Describe the network as a sensor and enforcer using Cisco Identity Services Engine (ISE), Cisco Stealthwatch Enterprise, and Cisco TrustSec®
Implement Cisco Firepower NGFW Virtual (NGFWv) and Cisco Stealthwatch Cloud to provide protection and visibility in AWS environments
Explain how to protect the cloud management infrastructure by using specific examples, defined best practices, and AWS reporting capabilities

Дополнительно:

This class includes lecture sections and some self-study sections. In instructor-led classes, lectures are delivered in real-time, either in person or via video conferencing. In e-learning classes, the lectures are on recorded videos

Кому следует посетить:

Курс предназначен для тех, кто работает на стыке телефонии и информационной безопасности, а также всем инженерам, работающим с архитектурой и продуктами UC. Данный курс следует посетить сетевым администраторам, сетевым инженерам, а также системным инженерам.

Предварительные требования:

Перед посещением данного курса слушатели должны обладать следующими навыками:
Практические знания конвергентных голосовых сетей и СХД
Знакомство с Cisco IOS gateway, Cisco Unified SRST gateway и Cisco Unified Border Element
Знание продуктов Cisco Unified Communications Manager и Cisco Unified Communications Manager Express
Рекомендовано наличие сертификата CCNP® Voice

Дополнительные навыки, которые будут полезны:

Знание основ сетевой безопасности
Знание технологий Cisco IOS Firewall и Cisco ASA adaptive security appliance firewalls
Знакомство с IPsec и SSL VPNs
Рекомендовано наличие сертификата CCNA® Security

Цели курса:

После посещения тренинга слушатели смогут:
Определять уязвимые места в сетях Cisco Unified Communications, а также описывать стратегии безопасности, криптографические сервисы , PKI и технологии VPN
Использовать функционал системы безопасности сетевой инфраструктуры
Внедрять Cisco Unified Communications Manager и Cisco Unified Communications endpoint security features

Содержание курса:

5-дневный курс UCSEC посвящен описанию уязвимостей и атак на инфраструктуру IP-телефонии, а также методов борьбы с ними и методов обеспечения безопасности инфраструктуры. За время курса слушатели научатся определять уязвимые места в сетях Cisco Unified Communications, а также описывать стратегии безопасности, криптографические сервисы PKI и технологии VPN, использовать функционал системы безопасности сетевой инфраструктуры и внедрять функции безопасности в Cisco Unified Communications Manager и терминалах Cisco.

Программа курса

1. Введение

2. Уязвимости сети Cisco Unified Communications и основы безопасности

2.1. Оценка уязвимостей сети Cisco Unified Communications
2.2. Стратегии реализации безопасности
2.3. Криптографические службы и функции
2.4. Управления ключами и PKI
2.5. IPsec и Cisco AnyConnect SSL VPN
2.6. Лабораторная работа 1: Идентификация уязвимых мест в Cisco UC сетях

3. Функционал системы безопасности сетевой инфраструктуры

3.1. Разделение сети и фильтрация пакетов
3.2. Функции безопасности коммутаторов
3.3. Cisco AnyConnect SSL VPN в сетях Cisco Unified Communications
3.4. Лабораторная работа 2: Внедрение межсетевых экранов
3.5. Лабораторная работа 3: Внедрение 802.1X
3.6. Лабораторная работа 4: Внедрение Cisco AnyConnect SSL VPN-ов

4. Cisco Unified Communications Manager и функции защиты абонентских устройств

4.1. Повышение защиты абонентских устройств
4.2. Предотвращение мошеннических звонков
4.3. Встроенные функции безопасности Cisco Unified Communications Manager
4.4. Функции безопасности Cisco Unified Communications Manager, основанные на маркерах безопасности
4.5. Лабораторная работа 5: Внедрение механизмов безопасности Cisco Unified Communications Manager, основанных на безопасных токенах

5. Интеграция Cisco Unified Communications с внешними элементами защиты

5.1. Применение SRTP для шлюзов и защита сигнала средствами IPSec
5.2. Применение SRTP для шлюзов и защита сигнала в SRST and Cisco Unified Communications Manager Express
5.3. Trusted Relay Points
5.4. Прокси
5.5. Лабораторная работа 6: Внедрение SRTP на шлюзах и защита сигнализации с помощью IPsec
5.6. Лабораторная работа 7: Внедрение безопасного SRST и безопасного Cisco Unified Communications Manager Express
5.7. Лабораторная работа 8: Внедрение Trusted Relay Points
5.8. Лабораторная работа 9: Внедрение прокси для сигнализации и RTP потоков

Course Description 

The Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) v1.0 shows you how to configure and prepare to deploy Cisco^® Identity-Based Networking Services (IBNS) solutions based on Cisco Identity Services Engine (ISE), Cisco Catalyst switches, and Cisco Wireless LAN Controllers. You will learn the fundamentals of the 802.1X protocol and configuration, Cisco IBNS, configuring access for non-supplicant devices, Cisco ISE deployment options, architectural components, considerations with 802.1X, and more. You will also gain hands-on experience configuring 802.1X–based network services using the Cisco Identity Services Engine and a Cisco Catalyst switch.

How You'll Benefit

This class will help you:
Learn about and practice configuring Cisco Identity-Based Networking Services solutions at your own pace
Build your skills using Cisco Identity-Based Networking Services (IBNS) to secure network connectivity and resources.

Who Should Enroll

Security architects
Design engineers
Network engineers
Cisco integrators and partners

Course Objectives

After taking this course, you should be able to:
Describe Cisco Identity-Based Networking Services (IBNS) for providing access control to corporate networks.
Describe Extensible Authentication Protocol (EAP) authentication types and methods, and the role of Remote Authentication Dial-In User Service (RADIUS) in EAP communications.
Describe how to configure Cisco Catalyst switches, Cisco Wireless LAN Controllers (WLCs), and Cisco ISE for 802.1X operation.
Describe how to configure access for non-supplicant devices in an 802.1X deployment.
Describe how to plan and deploy Cisco IBNS Networks with Cisco ISE and 802.1X.

Course Prerequisites

To fully benefit from this course, you should have knowledge of these topics:
Cisco wireless LAN controllers
Basic command-line configuration of Cisco Catalyst switches
Microsoft Windows Server Active Directory
Here are some recommended Cisco learning offerings that can help you meet these prerequisites:Cisco CCNA^® Security Certification training
Cisco CCNA Routing and Switching Certification training
Cisco CCNA Wireless Certification training

Course Outline

Describing Cisco Identity-Based Networking Services
Cisco IBNS Overview
Authentication, Authorization, and Accounting (AAA) Role in Cisco IBNS
Compare Cisco IBNS and Cisco ISE Solutions
Explore Cisco IBNS Architecture Components
Explore Cisco TrustSec

Describing 802.1X EAP Authentication
Explore the IEEE 802.1X Standard
Explore 802.1X and EAP
Explain EAP Methods
Describe the Role of RADIUS in EAP Communications

Configuring Devices for 802.1X Operation
Identify 802.1X Components and Topologies
Configure Cisco Catalyst Switch for 802.1X
Compare IBNS 1.0 and 2.0 on Cisco Catalyst Switch
Configure Cisco WLC for 802.1X
Configure Cisco ISE for 802.1X
Configure Supplicants for 802.1X Operation

Configuring Access for Non-Supplicant Devices
Configure Cisco IBNS for Non-Supplicant Devices
Explore IBNS 2.0 for Non-Supplicant Devices
Configure Cisco Central Web Authentication for Guests

Designing Cisco IBNS Networks with Cisco ISE and 802.1X
Cisco ISE Architectural Components
Introducing the Cisco ISE Bring Your Own Device (BYOD) Process
Identify Cisco ISE Deployment Options
Identify Component Compatibilities with 802.1X
Review 802.1X Design Considerations

Lab Outline

Configure and Test 802.1X Operations

Кому следует посетить:

Этот курс предназначен для технических специалистов, которым необходимо знать, как развертывать Cisco Firepower NGIPS и управлять им в своей сетевой среде.

Администраторы безопасности
Консультанты по безопасности
Сетевые администраторы
Системные инженеры
Персонал технической поддержки
Торговые партнеры и реселлеры

Предварительные требования:

Для прохождения данного курса рекомендуется обладать знаниями и навыками:

Базовое понимание работы TCP/IP сетей
Базовые знания о работе систем IDS и IPS

Цели курса:

После прохождения данного курса слушатели будут уметь:

Описывать компоненты Cisco Firepower Threat Defense, управлять процессом регистрации устройства
Настраивать политику обнаружения устройств
Внедрять политик контроля доступа
Настраивать intrusion-политики
Создавать и анализировать отчеты Firepower Management Center
Интегрировать Firepower Management Center с внешними системами логирования
Обновлять ПО и управлять административными аккаунтами Firepower Management Center
Использовать базовые команды и инструменты для поиска и устранения неполадок в работе Firepower Management Center и устройств Firepower Threat Defense

Программа курса:

Введение

Обзор Cisco Firepower Threat Defense
Сравнение и анализ систем предотвращения вторжений и межсетевых экранов
Основные функции и компоненты системы Firepower Threat Defense
Сравнение модельного ряда
Принципы лицензирования
Процесс внедрения Firepower

Настройки устройства Firepower NGFW

FXOS и Firepower Device Manager
Управление устройствами
Исследование политик Firepower Management Center
Системные настройки, показатели здоровья устройства

Контроль трафика

Packet Processing
Bypassing

Механизм анализа сети Firepower Discovery

Обзор механизма анализа сети
Анализ профиля хоста
Работа с идентификационной информацией пользователя

Политика контроля доступа к ресурсам

Введение, анализ работы политики
Анализ списка правил, действие по умолчанию
Further Inspection
Расширенные функции
Рекомендации для внедрения политики контроля доступа

Механизм Security Intelligence

Обзор механизма Security Intelligence
Объекты Security Intelligence
Настройка Security Intelligence, анализ логов

Контроль файлов и расширенная защита от вредоносного ПО

Анализ файловой политики
Анализ сервиса AMP

Система предотвращения вторжений

Введение, Snort-правила
Variables, Variable Set
Создание IPS-политики
Настройка IPS-политики
Управление IPS-политикой

Политика анализа сети

Исследование работы препроцессора
Обзор политики анализа сети

Дополнительные техники анализа

Анализ событий
Типа событий
Контекстная информация
Инструменты для анализа

Интеграция с другими платформами

Интеграция с Cisco ISE
Интеграция со Splunk

Политики корреляции и оповещения

Оповещение внешних систем
Политика корреляции

Системное администрирование

Обновления ПО
Управление пользовательскими аккаунтами

Поиск и устранение неполадок в работе системы Firepower

Распространенные ошибки в настройках
Команды для поиска и устранения неполадок
Packet Capture

Этот курс поможет Вам:

Получить знания и навыки, которые необходимы для настройки и эксплуатации передовой сетевой системы защиты информации Cisco.

В процессе прохождения данного курса Вы научитесь:

Понимать архитектуру, разбираться в управляющих и исполнительных компонентах системы, понимать взаимодействия между компонентами системы;
Понимать принципы лицензирования;
Понимать возможные варианты разворачивания компонентов системы;
Понимать назначение, редактировать и создавать политики Management;
Понимать возможные пути прохождения трафика через систему;
Использовать механизм Discovery для анализа сети и создания профилей хостов;
Использовать механизм Security Intelligence;
Понимать принципы работы, редактировать и создавать политики контроля доступа к ресурсам, политики контроля файлов и сервиса AMP, политики системы предотвращения вторжений, политики анализа сети;
Работать с инструментами для анализа событий;
Искать и устранять неполадки в работе системы.

Предварительные требования:

Данный курс предполагает наличие у слушателей базового знания сетевых технологий, терминологии в области ИБ, умения работать с Windows Workstation, понимания TCP/IP.

Course Outline

1. Cisco Secure Firewall Family
2. Cisco Firepower Threat Defense Components and Features
3. Firepower Threat Defense High Availability and Clustering
4. Routing for Firepower Threat Defense
5. Network Address Translation (NAT)
6. Firepower Discovery
7. Prefiltering and Prefilter Policies
8. Security Intelligence
9. SSL Policy
10. Access Control Policy
11. File Control and Advanced Malware Protection
12. Next-Generation Intrusion Prevention Systems
13. Network Analysis Policies
14. Correlation Policy
15. Firepower QoS
16. Firepower Threat Defense VPN
17. Cisco Threat Intelligence Director
18. Event Analysis Techniques
19. Cisco Secure Firewall Troubleshooting

Lab Outline

1. Navigating Firepower Management Center
2. FTD Device Configuration
3. NAT Configuration
4. Network Discovery Policy
5. Object Management
6. Access Control Policy
7. Security Intelligence
8. File Policy
9. Intrusion Policy
10. Network Analysis Policy
11. SSL Policy Configuration
12. QoS Policy Configuration
13. Correlation Policy

Course Overview

The Understanding Cisco SDA Fundamentals (SDAFND) v1.0 course introduces you to Cisco® Software-Defined Access and teaches you, through a combination of lectures and labs, how to implement simple, single-site fabric networks. You will learn the benefits of leveraging Software-Defined Access in the Cisco-powered Enterprise Campus network. SDAFND will introduce the solution, its architecture and components, and guide you through labs to design and deploy simple Cisco SD-Access networks.

This course will help you:

Deploy Cisco SD-Access networks
Explain Cisco Software-Designed Access
Operate, manage, and integrate Cisco DNA Center™
Prepare for various Cisco certifications: Cisco Certified Specialist – Enterprise Core (ENCOR), and Cisco Certified Specialist – Enterprise Design (ENSLD)

Who should attend

Field engineers
Network engineers
Network administrators
System engineers

Prerequisites

To fully benefit from this course, you should have the following knowledge and skills:

CCNP® level core networking knowledge
Ability to use Windows and Linux CLI tools such as ping, SSH, or running scripts

These are the recommended Cisco offerings that may help you meet these prerequisites:

Implementing and Administering Cisco Solutions (CCNA)
Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)

Course Objectives

After taking this course, you should be able to:

Describe Cisco SD-Access architecture and its components
Explain Cisco DNA Center deployment models, scaling, and high availability
Identify Cisco SD-Access fabric protocols and node roles
Understand the Cisco SD-Access Wireless deployment models
Automate Day 0 device onboarding with Cisco DNA Center LAN Automation and Network PnP
Deploy simple Cisco SD-Access fabric networks
Monitor health and performance of the network with Cisco DNA Center Assurance
Interact with the Cisco DNA Center Platform Intent APIs

Course Outline:

Understanding Cisco SDA Fundamentals (SDAFND)
Introducing Cisco SD-Access
Introducing Cisco DNA Center
Exploring Cisco SD-Access Solution Components
Exploring Cisco SD-Access Wireless Architecture
Automating Network Changes with Cisco DNA Center
Deploying Fabric Networks with Cisco DNA Center
Exploring Cisco DNA Center Assurance
Exploring Cisco DNA Center Programmability

Lab Topology

Explore Cisco DNA Center User Interface
Verify Location Identifier Separation Protocol (LISP) Operation in Cisco SD-Access
Integrate Cisco DNA Center and Cisco Identity Services Engine (Cisco ISE)
Provision Access Points in Cisco DNA Center
Provision Underlay Networks with Cisco DNA Center LAN Automation
Provision Underlay Networks with Cisco DNA Center LAN Automation (cont.)
Deploy Cisco SD-Access Single Site Fabric
Deploy Cisco SD-Access Single Site Fabric (cont.)
Explore Cisco DNA Center Assurance
Cisco DNA Assurance Issues and Guided Remediation
Interact with Cisco DNA Center Intent APIs Using Python

Course Overview

The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.

This course will help you:

Gain an understanding of characteristics of a typical Snort rule development environment
Gain hands-on practices on creating rules for Snort
Gain knowledge in Snort rule development, Snort rule language, standard and advanced rule options

Who should attend

This course is for technical professionals to gain skills in writing rules for Snort-based intrusion detection systems (IDS) and intrusion prevention systems (IPS). The primary audience includes:

Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel using open source IDS and IPS
Channel partners and resellers

Prerequisites

To fully benefit from this course, you should have:

Basic understanding of networking and network protocols
Basic knowledge of Linux command-line utilities
Basic knowledge of text editing utilities commonly found in Linux
Basic knowledge of network security concepts
Basic knowledge of a Snort-based IDS/IPS system

Course Objectives

After taking this course, you should be able to:

Describe the Snort rule development process
Describe the Snort basic rule syntax and usage
Describe how traffic is processed by Snort
Describe several advanced rule options used by Snort
Describe OpenAppID features and functionality
Describe how to monitor the performance of Snort and how to tune rules

Course Outline:

Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES)
Introduction to Snort Rule Development
Snort Rule Syntax and Usage
Traffic Flow Through Snort Rules
Advanced Rule Options
OpenAppID Detection
Tuning Snort

Lab Topology

Connecting to the Lab Environment
Introducing Snort Rule Development
Basic Rule Syntax and Usage
Advanced Rule Options
OpenAppID
Tuning Snort

Course Overview

The Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1 course shows you how to deploy a network intrusion detection system based on Snort. Through a combination of expert instruction and hands-on practice, you will learn how to install, configure, operate, and manage a Snort system, rules writing with an overview of basic options, advanced rules writing, how to configure Pulled Pork, and how to use OpenAppID to provide protection of your network from malware. You will learn techniques of tuning and performance monitoring, traffic flow through Snort rules, and more.

How You'll Benefit

This training will help you:
Learn how to implement Snort, an open-source, rule-based, intrusion detection and prevention system
Gain leading-edge skills for high-demand responsibilities focused on security
Earn 32 CE credits towards recertification

Who should attend

Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers

Course Prerequisites

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
Technical understanding of transmission control protocol/internet protocol (TCP/IP) networking and network architecture
Proficiency with Linux and UNIX text editing tools, such as vi editor

These skills can be found in the following Cisco Learning Offering:
Implementing and Administering Cisco Solutions (CCNA)

Course Objectives

Describe Snort technology and identify resources available for maintaining a Snort deployment
Install Snort on a Linux-based operating system
Describe the Snort operation modes and their command-line options
Describe the Snort intrusion detection output options
Download and deploy a new rule set to Snort
Describe and configure the snort.conf file
Configure Snort for inline operation and configure the inline-only features
Describe the Snort basic rule syntax and usage
Describe how traffic is processed by the Snort engine
Describe several advanced rule options used by Snort
Describe OpenAppID features and functionality
Describe how to monitor Snort performance and how to tune rules
Course Benefits

Course Outline

Snort Installation
Snort Operation
Snort Intrusion Detection Output
Rule Management
Snort Configuration
Inline Operation and Configuration
Snort Rule Syntax and Usage
Traffic Flow Through Snort Rules
Advanced Rule Options
OpenAppID Detection
Tuning Snort

Lab Outline

Connecting to the Lab Environment
Snort Installation
Snort Operation
Snort Intrusion Detection Output
Pulled Pork Installation
Configuring Variables
Reviewing Preprocessor Configurations
Inline Operations
Basic Rule Syntax and Usage
Advanced Rule Options
OpenAppID
Tuning Snort

Course Overview

The Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) v1.0 course shows you how to deploy and use Cisco Firepower® Threat Defense system. This hands-on course gives you knowledge and skills to use and configure Cisco® Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting.

Course Prerequisites

Attendees should meet the following prerequisites:
Knowledge of TCP/IP and basic routing protocols — ICND1 or CCNA Recommended
Familiarity with firewall, vpn and IPS concepts — IINS or SFNDU Recommended

Recommended prerequisites:

CCNA — Implementing and Administering Cisco Solutions
SCOR — Implementing and Operating Cisco Security Core Technologies

Target Audience:

This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS and NGFW in their network environments.

Course Objectives:

After completing this course, you should be able to:
Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system and identify deployment scenarios
Perform initial Firepower Threat Defense device configuration and setup tasks
Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense
Describe how to implement NAT by using Cisco Firepower Threat Defense
Perform an initial network discovery, using Cisco Firepower to identify hosts, applications and services
Describe the behavior, usage and implementation procedure for access control policies
Describe the concepts and procedures for implementing security Intelligence features
Describe Cisco AMP for Networks and the procedures for implementing file control and Advanced Malware Protection
Implement and manage intrusion policies
Describe the components and configuration of site-to-site VPN
Describe and configure a remote-access SSL VPN that uses Cisco AnyConnect
Describe SSL decryption capabilities and usage

Course Content:

Cisco Firepower Threat Defense Overview:

Examining Firewall and IPS Technology
Firepower Threat Defense Features and Components
Examining Firepower Platforms
Examining Firepower Threat Defense Licensing
Cisco Firepower Implementation Use Cases

Cisco Firepower NGFW Device Configuration

Firepower Threat Defense Device Registration
FXOS and Firepower Device Manager
Initial Device Setup
Managing NGFW Devices
Examining Firepower Management Center Policies
Examining Objects
Examining System Configuration and Health Monitoring
Device Management
Examining Firepower High Availability
Configuring High Availability
Cisco ASA to Firepower Migration
Migrating from Cisco ASA to Firepower Threat Defense

Cisco Firepower NGFW Traffic Control

Firepower Threat Defense Packet Processing
Implementing QoS
Bypassing Traffic

Cisco Firepower NGFW Address Translation

NAT Basics
Implementing NAT
NAT Rule Examples
Implementing NAT

Cisco Firepower Discovery

Examining Network Discovery
Configuring Network Discovery

Implementing Access Control Policies

Examining Access Control Policies
Examining Access Control Policy Rules and Default Action
Implementing Further Inspection
Examining Connection Events
Access Control Policy Advanced Settings
Access Control Policy Considerations
Implementing an Access Control Policy

Security Intelligence

Examining Security Intelligence
Examining Security Intelligence Objects
Security Intelligence Deployment and Logging
Implementing Security Intelligence

File Control and Advanced Malware Protection

Examining Malware and File Policy
Examining Advanced Malware Protection

Next-Generation Intrusion Prevention Systems

Examining Intrusion Prevention and Snort Rules
Examining Variables and Variable Sets
Examining Intrusion Policies

Site-to-Site VPN

Examining IPsec
Site-to-Site VPN Configuration
Site-to-Site VPN Troubleshooting
Implementing Site-to-Site VPN

Remote-Access VPN

Examining Remote-Access VPN
Examining Public-Key Cryptography and Certificates
Examining Certificate Enrollment
Remote-Access VPN Configuration
Implementing Remote-Access VPN

SSL Decryption

Examining SSL Decryption
Configuring SSL Policies
SSL Decryption Best Practices and Monitoring

Detailed Analysis Techniques

Examining Event Analysis
Examining Event Types
Examining Contextual Data
Examining Analysis Tools
Threat Analysis

System Administration

Managing Updates
Examining User Account Management Features
Configuring User Accounts
System Administration

Cisco Firepower Troubleshooting

Examining Common Misconfigurations
Examining Troubleshooting Commands
Firepower Troubleshooting

Labs

Lab 1: Initial Device Setup
Lab 2: Device Management
Lab 3: Configuring High Availability
Lab 4: Migrating from Cisco ASA to Firepower Threat Defense
Lab 5: Implementing QoS
Lab 6: Implementing NAT
Lab 7: Configuring Network Discovery
Lab 8: Implementing an Access Control Policy
Lab 9: Implementing Security Intelligence
Lab 10: Implementing Site-to-Site VPN
Lab 11: Implementing Remote Access VPN
Lab 12: Threat Analysis
Lab 13: System Administration
Lab 14: Firepower Troubleshooting

Course Description

The Advanced Techniques for Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPA) training shows you how to deploy Cisco Secure Firewall Threat Defense system and its features as a data center network firewall or as an Internet Edge firewall with Virtual Private Network (VPN) support. You will learn how to configure identity-based policies, Secure Sockets Layer (SSL) decryption, remote-access VPN, and site-to-site VPN before moving on to advanced Intrusion Prevention System (IPS) configuration and event management, integrations with other systems, and advanced troubleshooting. You will also learn how to automate configuration and operations of Cisco Secure Firewall Threat Defense system using programmability and Application Programming Interfaces (APIs) and how to migrate configuration from Cisco Secure Firewall Adaptive Security Appliances (ASA).

This training prepares you for the Securing Networks with Cisco Firepower (300-710 SNCF) v1.1 exam. If passed, you earn the Cisco Certified Specialist – Network Security Firepower certification and satisfy the concentration exam requirement for the Cisco Certified Network Professional (CCNP) Security certification. This training also earns you 40 Continuing Education (CE) credits toward recertification.

How You'll Benefit

This training will help you:
Attain advanced knowledge of Cisco Secure Firewall Threat Defense technology
Gain competency and skills required to implement and manage a Cisco Secure Firewall Threat Defense system regardless of platform
Learn detailed information on policy management, traffic flow through the system, and the system architecture
Deploy and manage many of the advanced features available in the Cisco Secure Firewall Threat Defense system
Gain knowledge for protocols, solutions, and designs to acquire professional-level and expert-level security roles
Prepare for the 300-710 SNCF v1.1 exam
Earn 40 CE credits toward recertification

Who Should Enroll

System Installers
System Integrators
System Administrators
Network Administrators
Solutions Designers

What to Expect in the Exam

300-710 SNCF: Securing Networks with Cisco Firepower is a 90-minute exam associated with the Cisco Certified Specialist – Network Security Firepower certification and satisfies the concentration exam requirement for the CCNP Security certification.

The multiple-choice format tests your knowledge of Cisco Firepower Threat Defense and Firepower 7000 and 8000 Series virtual appliances, including:
Policy configurations
Integrations
Deployments
Management and troubleshooting

Course Objectives

Describe Cisco Secure Firewall Threat Defense
Describe advanced deployment options on Cisco Secure Firewall Threat Defense
Describe advanced device settings for Cisco Secure Firewall Threat Defense device
Configure dynamic routing on Cisco Secure Firewall Threat Defense
Configure advanced network address translation on Cisco Secure Firewall Threat Defense
Configure SSL decryption policy on Cisco Secure Firewall Threat Defense
Deploy Remote Access VPN on Cisco Secure Firewall Threat Defense
Deploy identity-based policies on Cisco Secure Firewall Threat Defense
Deploy site-to-site IPsec-based VPN on Cisco Secure Firewall Threat Defense
Deploy advanced access control settings on Cisco Secure Firewall Threat Defense
Describe advanced event management on Cisco Secure Firewall Threat Defense
Describe available integrations with Cisco Secure Firewall Threat Defense
Troubleshoot traffic flow using advanced options on Cisco Secure Firewall Threat Defense
Describe benefits of automating configuration and operations of Cisco Secure Firewall Threat Defense
Describe configuration migration to Cisco Secure Firewall Threat Defense

Course Prerequisites

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP)
Basic knowledge of routing protocols
Familiarity with the content explained in the Securing Internet Edge with Cisco Secure Firewall Threat Defense training

These skills can be found in the following Cisco Learning Offerings:
Implementing and Administering Cisco Solutions (CCNA)
Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPF)

Course Outline

Introducing Cisco Secure Firewall Threat Defense
Describing Advanced Deployment Options on Cisco Secure Firewall Threat Defense
Configuring Advanced Device Settings on Cisco Secure Firewall Threat Defense
Configuring Dynamic Routing on Cisco Secure Firewall Threat Defense
Configuring Advanced NAT on Cisco Secure Firewall Threat Defense
Configuring SSL Policy on Cisco Secure Firewall Threat Defense
Deploying Remote Access VPN on Cisco Secure Firewall Threat Defense
Deploying Identity-Based Policies on Cisco Secure Firewall Threat Defense
Deploying Site-to-Site VPN on Cisco Secure Firewall Threat Defense
Configuring Snort Rules and Network Analysis Policies
Describing Advanced Event Management Cisco Secure Firewall Threat Defense
Describing Integrations on Cisco Secure Firewall Threat Defense
Troubleshooting Advanced Traffic Flow on Cisco Secure Firewall Threat Defense
Automating Cisco Secure Firewall Threat Defense
Migrating to Cisco Secure Firewall Threat Defense

Lab Outline

Deploy Advanced Connection Settings
Configure Dynamic Routing
Configure SSL Policy
Configure Remote Access VPN
Configure Site-to-Site VPN
Customize IPS and NAP Policies
Configure Cisco Secure Firewall Threat Defense Integrations
Troubleshoot Cisco Secure Firewall Threat Defense
Migrate Configuration from Cisco Secure Firewall ASA

Course Description 

The Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPF) training shows you how to implement and configure Cisco Secure Firewall Threat Defense for deployment as a next generation firewall at the internet edge. You’ll gain an understanding of Cisco Secure Firewall architecture and deployment, base configuration, packet processing and advanced options, and conducting Secure Firewall administration troubleshooting.

This training prepares you for the CCNP Security certification, which requires passing the 350-701 Implementing and Operating Cisco Security Core Technologies (SCOR) core exam and one concentration exam such as the 300-710 Securing Networks with Cisco Firepower (SNCF) concentration exam. This training also earns you 40 Continuing Education (CE) credits towards recertification.

How You'll Benefit

This training will teach you how to implement, configure, and manage Cisco Secure Firewall Threat Defense for deployment, including:
Configure settings and policies on Cisco Secure Firewall Threat Defense
Gain an understanding of Cisco Secure Firewall Threat Defense policies and explain how different policies influence packet processing through the device
Perform basic threat analysis and administration tasks using Cisco Secure Firewall Management Center

Who Should Enroll

Network security engineers
Administrators

What to Expect in the Exam

350-701 SCOR: Implementing and Operating Cisco Security Core Technologies is a 120-minute exam associated with the CCNP Security certification. The multiple-choice format tests knowledge and skills related to implementing and operating core security technologies, including:
Network security
Cloud security
Content security
Endpoint protection and detection
Secure network access
Visibility and enforcement

300-710 SNCF: Securing Networks with Cisco Firepower is a 90-minute exam associated with the CCNP Security certification. The multiple-choice format tests knowledge of Cisco Firepower® Threat Defense and Firepower® 7000 and 8000 Series virtual appliances, including:
Policy configurations
Integrations
Deployments
Management and troubleshooting

Course Objectives

Describe Cisco Secure Firewall Threat Defense
Describe Cisco Secure Firewall Threat Defense Deployment Options
Describe management options for Cisco Secure Firewall Threat Defense
Configure basic initial settings on Cisco Secure Firewall Threat Defense
Configure high availability on Cisco Secure Firewall Threat Defense
Configure basic Network Address Translation on Cisco Secure Firewall Threat Defense
Describe Cisco Secure Firewall Threat Defense policies and explain how different policies influence packet processing through the device
Configure Discovery Policy on Cisco Secure Firewall Threat Defense
Configure and explain prefilter and tunnel rules in prefilter policy
Configure an access control policy on Cisco Secure Firewall Threat Defense
Configure security intelligence on Cisco Secure Firewall Threat Defense
Configure file policy on Cisco Secure Firewall Threat Defense
Configure Intrusion Policy on Cisco Secure Firewall Threat Defense
Perform basic threat analysis using Cisco Secure Firewall Management Center
Perform basic management and system administration tasks on Cisco Secure Firewall Threat Defense
Perform basic traffic flow troubleshooting on Cisco Secure Firewall Threat Defense
Manage Cisco Secure Firewall Threat Defense with Cisco Secure Firewall Threat Defense Manager

Course Prerequisites

Before taking this offering, you should understand:
TCP/IP
Basic routing protocols
Firewall, VPN, and IPS concepts

Course Outline

Introducing Cisco Secure Firewall Threat Defense
Describing Cisco Secure Firewall Threat Defense Deployment Options
Describing Cisco Secure Firewall Threat Defense Management Options
Configuring Basic Network Settings on Cisco Secure Firewall Threat Defense
Configuring High Availability on Cisco Secure Firewall Threat Defense
Configuring Auto NAT on Cisco Secure Firewall Threat Defense
Describing Packet Processing and Policies on Cisco Secure Firewall Threat Defense
Configuring Discovery Policy on Cisco Secure Firewall Threat Defense
Configuring Prefilter Policy on Cisco Secure Firewall Threat Defense
Configuring Access Control Policy on Cisco Secure Firewall Threat Defense
Configuring Security Intelligence on Cisco Secure Firewall Threat Defense
Configuring File Policy on Cisco Secure Firewall Threat Defense
Configuring Intrusion Policy on Cisco Secure Firewall Threat Defense
Performing Basic Threat Analysis on Cisco Secure Firewall Management Center
Managing Cisco Secure Firewall Threat Defense System
Troubleshooting Basic Traffic Flow
Cisco Secure Firewall Threat Defense Device Manager

Lab Outline

Perform Initial Device Setup
Configure High Availability
Configure Network Address Translation
Configure Network Discovery
Configure Prefilter and Access Control Policy
Configure Security Intelligence
Implement File Control and Advanced Malware Protection
Configure Cisco Secure IPS
Detailed Analysis Using the Firewall Management Center
Manage Cisco Secure Firewall Threat Defense System
Secure Firewall Troubleshooting Fundamentals
Configure Managed Devices Using Cisco Secure Firewall Device Manager

Course Description 

The Cisco DoD Comply-to-Connect (C2C) training teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.

How You'll Benefit

This training will help you:
Learn how to operate, manage, configure, and troubleshoot the Cisco C2C solution
Gain an understanding of how the Cisco ISE security components relate to the C2C architecture
Earn 32 CE credits towards recertification

Who Should Enroll

This training is a Department of Defense mandate, ensuring compliance with cybersecurity protocols and procedures. The target audience includes individuals seeking the knowledge and skills involved in deploying, operating, and verifying Cisco DoD C2C network architecture, such as:
Network Security Engineers
Network Administrators
Security Administrators

Course Objectives

Define DoD C2C, including its steps and alignment with ISE features/functions and Zero Trust
Describe Cisco Identity-Based Networking Services
Explain 802.1X extensible authentication protocol (EAP)
Configure devices for 802.1X operation
Configure access for non-supplicant devices
Describe the Cisco Identity Services Engine
Explain Cisco ISE deployment
Describe Cisco ISE policy enforcement concepts
Describe Cisco ISE policy configuration
Explain PKI fundamentals, technology, components, roles, and software supplicants
Troubleshoot Cisco ISE policy and third-party network access device (NAD) support
Describe Cisco ISE TrustSec configurations
Describe the Cisco ISE profiler service
Describe profiling best practices and reporting
Configure endpoint compliance
Configure client posture services
Configure Cisco ISE device administration
Describe the four main use cases within C2C

Course Prerequisites

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
Familiarity with 802.1X
Familiarity with Microsoft Windows Operating Systems
Familiarity with Cisco IOS CLI for wired and wireless network devices
Familiarity with Cisco Identity Service Engine
The following recommended Cisco offering may help you meet these prerequisites:
Implementing and Operating Cisco Security Core Technologies (SCOR)

Course Outline

C2C Fundamentals
Cisco Identity-Based Networking Services
802.1X EAP Authentication
Configure Devices for 802.1X Operation
Configure Access for Non-Supplicant Devices
Introducing Cisco ISE Architecture
Introducing Cisco ISE Deployment
Introducing Cisco ISE Policy Enforcement Components
Introducing Cisco ISE Policy Configuration
PKI and Advanced Supplicants
Troubleshooting Cisco ISE Policy and Third-Party NAD Support
Exploring Cisco TrustSec
Introducing the Cisco ISE Profiler
Introducing Profiling Best Practices and Reporting
Introducing Cisco ISE Endpoint Compliance Services
Configuring Client Posture Services and Compliance
Working with Network Access Devices
C2C Use Cases

Lab Outline

Configure and Test 802.1X Operations
Configure Initial Cisco ISE Configuration and System Certificate Usage
Integrate Cisco ISE with Active Directory
Configure Cisco ISE Policy for MAB
Configure Cisco ISE Policy for 802.1X
TEAP on Windows
Configure Cisco TrustSec
Configure Profiling
Customize the Cisco ISE Profiling Configuration
Create Cisco ISE Profiling Reports
Configure Cisco ISE Compliance Services
Configure Client Provisioning
Configure Posture Policies
Test and Monitor Compliance-Based Access
Configure Cisco ISE for Basic Device Administration
Configure Cisco ISE Command Authorization
DISA Reports
Certificate-Based Authentication for Cisco ISE Administration
Configure Cisco TrustSec
Configure Cisco ISE for Basic Device Administration
Configure Cisco ISE Command Authorization