HBFITES

Who should attend

The primary audience for this course is as follows:

    Network Security Engineers (NSEs) involved in VPN design, implementation and maintenance.
    Cisco customers who implement and maintain Cisco routers and switches

The secondary audience for this course is as follows:

    Cisco channel partners who sell, implement, and maintain Cisco switches and routers
    Cisco engineers who support the sale of Cisco switches and routers

Certifications

This course is part of the following Certifications:

    CCIE Security (CCIES Security)
    Cisco Certified Network Professional Security (CCNP SECURITY)

Prerequisites

The knowledge and skills that a learner must have before attending this course are as follows:

    Cisco Certified Network Associate (CCNA) certification or equivalent in knowledge
    Cisco Certified Network Associate Security (CCNA Security) certification or equivalent in knowledge
    Working knowledge of the Microsoft Windows operating system

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

    Implement and maintain Cisco IOS Software infrastructure protection controls in a Cisco router- and switch-based network infrastructure
    Implement and maintain Cisco IOS Software threat control and containment technologies in a Cisco router-based perimeter infrastructure
    Implement and maintain Cisco IOS Software VPN technologies in a Cisco router-based WAN
    Implement and maintain Cisco IOS Software remote access VPN technologies in a Cisco router-based remote access solution

Course Content

The Securing Networks with Cisco Routers and Switches (SECURE) 1.0 course is a 5-day instructor-led course that aims at providing network security engineers with the knowledge and skills needed to secure Cisco IOS Software router- and switch-based networks, and provide security services based on Cisco IOS Software. Successful graduates will be able to secure the network environment using existing Cisco IOS Software features, as well as install and configure components of the Cisco IOS Software, such as zone-based policy firewall, Cisco IOS Intrusion Prevention System (IPS), user-based firewall, secure tunnels using IP Security (IPsec) virtual private network (VPN) technology including public key infrastructure (PKI), virtual tunnel interface/dynamic virtual tunnel interface (VTI/DVTI), Group Encrypted Transport VPN (GET VPN), Dynamic Multipoint Virtual Private Network (DMVPN), Secure Sockets Layer (SSL) VPN, and advanced switch security features. The course focuses on the implementation and troubleshooting aspects of the lifecycle services approach, adding some elements of the design phase as well.

High-Level Course Outline

This subtopic provides an overview of how the course is organized. The course contains these components:

    Course Introduction
    Deploying Cisco IOS Software Network Foundation Protection
    Deploying Cisco IOS Software Threat Control and Containment
    Deploying Cisco IOS Software Site-to-Site Transmission Security
    Deploying Secure Remote Access with Cisco IOS Software
    Appendix A: Case Study: Configuring and Verifying Basic 802.1X Features
    Appendix B: Deploying Advanced 802.1X Features
    Appendix C: Case Study: Configuring and Verifying Advanced 802.1X Features
    Lab Guide