Back to Search Results

Training Course Summary:

Network security has become more important than ever because of the need to deal with the increased number of network threats from worms and easy-to-use distributed denial of service (DDoS) tools. Today, companies can no longer afford to deal with network security in a reactionary mode due to the potential for severe financial and intellectual loss. For that reason, companies are investing in the security of their networks to provide a safe environment for their employees and customers. The Building Enhanced Cisco Security Networks Boot Camp teaches the students how to create a network security policy, an often overlooked but vital part of any network security deployment, as well as deploy several emerging security technologies. In practical labs, students will build a dynamic multipoint VPN (DMVPN), set up High Availability for IPSec (IPSec-HA), identify the Path MTU of a nested IPSec tunnel, configure a site-to-site IPSec VPN for split tunneling, secure network management, configure VMS 2.2 for IDS management, and set up Identity-Based Network Services (IBNS) for a wireless environment. To test the students' understanding of the course materials, the final phase of the class will be a network attack in which various tools will be used to attempt to gain access to their networks.

Pre-Requisites:

Cisco IOS routers, routing fundamentals, and IP addressing knowledge covered in the Interconnecting Cisco Networking Devices (ICND) course, or equivalent experience; preferred knowledge source is CCNA certification (required)
Managing Cisco Network Security (MCNS) 3.0 or equivalent experience with Cisco IOS-based security products (recommended)
Cisco Secure PIX Firewall Advanced (CSPFA) 3.1 or equivalent experience with the configuration of Cisco Secure PIX firewalls (recommended)
Cisco Secure Intrusion Detection System (CSIDS) 3.0 or equivalent experience configuring Cisco Secure IDS products (recommended)
Cisco Secure Virtual Private Networks (CSVPN) 3.1 or equivalent experience configuring Cisco Secure VPN products (recommended)
Aironet Wireless LAN Fundamentals (AWLF) 3.0 or equivalent experience configuring Cisco wireless products (recommended)

Who Should Attend:

Individuals who design security networks based on Cisco security products
Individuals who implement end-to-end Cisco security services
Individuals who deploy networks using Cisco security services

Training Course Overview/Content:

Introduction

Developing a Network Security Policy

Configuring Site-to-Site IPSec VPNs with Split Tunneling

Understanding Fragmentation, Path MTU Discovery, and Recursive Routing

Deploying IPSec-High Availability (IPSec-HA)

Implementing Dynamic Multipoint VPN (DMVPN)

Deploying Identity-Based Networking Services (IBNS) for a Wireless Network

Securing Cisco Network Management

Configuring VMS 2.2 for IDS Management

Common Network Attack Mitigation Lab Outline

Developing a Network Security Policy

Create a Threat Response Procedure for the Network Security Policy

Configure Cisco IOS for Site-to-Site VPN using IPSec

Configure a Remote Office for Secure Split Tunneling

Identify Path MTU for an Established Site-to-Site IPSec VPN

Configure Stateless High Availability Between IPSec Routers

Configure Connectivity to a Stateful High Availability IPSec Redundant Pair

Configure a NHRP Spoke Router to Participate in a DMVPN

Configure Cisco IOS for SSH

Configure SNMP v2 and SNMP ACLs

Configure a Wireless Network for 802.1X Using Cisco Secure ACS

Configure Cisco Secure PIX Firewall, Cisco IOS, Cisco Secure IDS, and Cisco VMS 2.2 to Mitigate and Respond to Network Threats