|
|
 |
Cisco Security Training
Advanced Services Building Enhanced Cisco Security Networks (BECSN)
|
|
|
Who Should Attend
 |
Individuals who design security networks based on Cisco security products
|
|
Individuals who implement end-to-end Cisco security services
|
|
Individuals who deploy networks using Cisco security services |
Prerequisites
|
Cisco IOS routers, routing fundamentals, and IP addressing knowledge covered in the Interconnecting Cisco Networking Devices (ICND) course, or equivalent experience; preferred knowledge source is CCNA certification (required)
|
|
Managing Cisco Network Security (MCNS) 3.0 or equivalent experience with Cisco IOS-based security products (recommended)
|
|
Cisco Secure PIX Firewall Advanced (CSPFA) 3.1 or equivalent experience with the configuration of Cisco Secure PIX firewalls (recommended)
|
|
Cisco Secure Intrusion Detection System (CSIDS) 3.0 or equivalent experience configuring Cisco Secure IDS products (recommended)
|
|
Cisco Secure Virtual Private Networks (CSVPN) 3.1 or equivalent experience configuring Cisco Secure VPN products (recommended)
|
|
Aironet Wireless LAN Fundamentals (AWLF) 3.0 or equivalent experience configuring Cisco wireless products (recommended) |
Course Objectives
| Network security has become more important than ever because of the need to deal with the increased number of network threats from worms and easy-to-use distributed denial of service (DDoS) tools. Today, companies can no longer afford to deal with network security in a reactionary mode due to the potential for severe financial and intellectual loss. For that reason, companies are investing in the security of their networks to provide a safe environment for their employees and customers.
|
|
|
|
|
|
|
|
|
|
|
| The Building Enhanced Cisco Security Networks Boot Camp teaches the delegate how to create a network security policy, an often overlooked but vital part of any network security deployment, as well as deploy several emerging security technologies. In practical labs, delegates will build a dynamic multipoint VPN (DMVPN), set up High Availability for IPSec (IPSec-HA), identify the Path MTU of a nested IPSec tunnel, configure a site-to-site IPSec VPN for split tunneling, secure network management, configure VMS 2.2 for IDS management, and set up Identity-Based Network Services (IBNS) for a wireless environment.
|
|
|
|
|
|
|
|
|
|
|
| To test the delegates understanding of the course materials, the final phase of the class will be a network attack in which various tools will be used to attempt to gain access to their networks. |
Course Content
|
Introduction
|
|
Developing a network security policy
|
|
Configuring site-to-site IPSec VPNs with split tunneling
|
|
Understanding fragmentation, path MTU discovery, and recursive routing
|
|
Deploying IPSec-HA
|
|
Implementing DMVPN
|
|
Deploying IBNS for a wireless network
|
|
Securing Cisco network management
|
|
Configuring CiscoWorks VMS 2.2 for IDS management
|
|
Common network attack mitigation
|
|
|
| Lab Outline
|
|
Developing a network security policy
|
|
Create a threat response procedure for the network security policy
|
|
Configure Cisco IOS Software for site-to-site VPN using IPSec
|
|
Configure a remote office for secure split tunneling
|
|
Identify path MTU for an established site-to-site IPSec VPN
|
|
Configure stateless high availability between IPSec routers
|
|
Configure connectivity to a stateful high-availability IPSec redundant pair
|
|
Configure a NHRP spoke router to participate in a DMVPN
|
|
Configure Cisco IOS Software for SSH Protocol
|
|
Configure Cisco SNMP v2 and Cisco SNMP ACLs
|
|
Configure a wireless network for 802.1X using Cisco secure ACS
|
|
Configure Cisco secure PIX firewall, Cisco IOS Software, Cisco secure IDS, and CiscoWorks VMS 2.2 to mitigate and respond to network threats |
Dates Europe
To book a course, please click on the required city name.
Germany
United Kingdom
Dates Americas
To book a course, please click on the required city name.
USA
|
|
|
|
Frankfurt