Course Content
This task-oriented course teaches the knowledge and
skills needed to secure Cisco IOS router networks
Course Objectives
After completing this course the student should be able to:
- Identify network security threats.
- Secure remote access using Cisco Secure ACS for
Windows 2000 and Cisco IOS AAA software features.
- Protect Internet access by configuring a Cisco
perimeter router.
- Configure the Cisco IOS Firewall Feature Set Context-Based
Access Control.
- Configure Cisco IOS Firewall Authentication Proxy
- Configure Cisco IOS Firewall Intrusion Detection
System
- Use IPSec features in Cisco IOS software to create
a secure site-to-site VPN using pre-shared keys and digital certificates.
- Use Cisco Easy VPN features to create a secure
remote access VPN solution.
- Use Cisco Router Management Center to manage Cisco
Router VPN implementations.
Course Outline
- Course Introduction
- Network Security
- Basic Cisco Router Security
- Advanced AAA Security for Cisco Router Networks
- Cisco Router Threat Mitigation
- Cisco IOS Firewall Context-Based Access Control
Configuration
- Cisco IOS Firewall Authentication Proxy
- Cisco IOS Firewall Intrusion Detection System
- Building IPSec VPNs Using Cisco Routers
- Building Advanced IPSec VPNs Using Cisco Routers
and Certificate Authorities
- Configuring IOS Remote Access Using Cisco Easy
VPN
- Managing Enterprise VPN Routers
Course Content
This task-oriented course teaches the knowledge
and skill needed to describe, configure, verify and manage the
PIX Firewall product family.
Course Objectives
After completing this course the student should be able to:
- Describe the features, functions, and benefits
of the Cisco PIX Firewall.
- Identify PIX Firewall features, models, components,
and benefits.
- Describe PIX Firewall installation procedures.
- Perform basic configuration.
- Explain the routing functionality of the PIX Firewall.
- Configure routing on the PIX Firewall.
- Configure the PIX Firewall to send messages to
a Syslog server.
- Configure the PIX Firewall as a DHCP client.
- Configure special protocol handling on the PIX
Firewall.
- Describe how the PIX Firewall supports call handling
sessions and VoIP call signaling.
- Configure AAA on the PIX Firewall.
- Configure shunning on the PIX Firewall.
- Configure a site-to-site VPN using the PIX Firewall.
- Configure a VPN Client-to-PIX Firewall VPN.
- Configure the PIX Firewall?s PPPoE client.
- Perform password recovery on the PIX Firewall.
- Install the PIX Device Manager and use it to configure
the PIX Firewall.
- Use the PIX Device Manager to monitor the PIX
Firewall.
- Configure a site-to-site VPN using the PIX Device
Manager.
- Test and verify PIX Firewall operations
Course Outline
- Introduction
- Network Security
- Firewalls and the Cisco PIX Firewal
- The Cisco PIX Firewall Family
- Getting Started with the Cisco PIX Firewall
- Translations and ConnectionsAccess Control Lists
and Content Filtering
- Object Grouping
- Advanced Protocol Handling
- Attack Guards, Intrusion Detection, and Shunning
- Authentication, Authorization, and Accounting
- Failover
- Virtual Private Networks
- System Management
- Cisco PIX Device Manager
Course Content
This task-oriented course teaches the knowledge and
skills needed to design, install, and configure a Cisco Intrusion
Protection solution for small, medium, and enterprise networks
After completing this course, students will be able
to:
- Describe the basic intrusion detection terminology.
- Explain the different intrusion detection technologies
and evasive techniques.
- Design a Cisco IDS protection solution for small,
medium, and enterprise customers.
- Identify the Cisco IDS Sensor platforms and describe
their features.
- Install and configure a Cisco IDS Sensor.
- Tune Cisco IDS signatures to work optimally in
unique network environments.
- Create and implement customized intrusion detection
signatures.
- Create alarm exceptions to reduce alarms and possible
false positives.
- Configure a Cisco IDS Sensor to perform device
management of supported blocking devices.
- Describe the Cisco IDS signatures and determine
the immediate threat posed to the network.
- Perform maintenance operations such as signature
updates and software upgrades.
- Describe the Cisco IDS architecture including
supporting services and configuration files.
- Manage a large scale deployment of Cisco IDS Sensors
with Cisco IDS Management and Monitoring software
Course Outline
- Course Introduction
- Network Security and Cisco
- Intrusion Detection Overview
- Intrusion Protection Overview
- Capturing Network Traffic for Intrusion Detection
Systems
- Cisco Intrusion Detection System Architecture
- Sensor Appliance Installation
- Intrusion Detection System Module
- Cisco IDS Command Line
- Cisco Intrusion Detection System Device Manager
and Event Viewer
- Enterprise IDS Management
- Sensor Configuration
- Cisco Intrusion Detection System Alarms and Signatures
- Sensing Configuration
- Blocking Configuration
- Enterprise IDS Monitoring and Reporting
- Sensor Maintenance
Course Content
This task-oriented course teaches the knowledge and
skills needed to describe, configure, verify, and manage the Cisco
VPN 3000 Concentrator, Cisco VPN Software Client, and Cisco VPN
3002 Hardware Client feature set.
Course Objectives
After completing this course the student should
be able to:
- Describe the features, functions, and benefits
of Cisco VPN products.
- Explain the IPSec and IKE component technologies
that are implemented in Cisco Secure VPN products.
- Install and configure the Cisco IPSec VPN Software
client.
- Configure Cisco VPN 3000 for remote access using
pre-shared keys
- Configure Cisco VPN 3000 for remote access using
digital certificates
- Configure Cisco VPN 3000 firewall feature.
- Configure Cisco VPN 3002 for remote access using
preshared keys
- Configure Cisco VPN 3002 for software auto-update.
- Configure Cisco VPN 3002 for interactive unit
and individual user authentication.
- Configure Cisco VPN 3002 for backup server and
load balancing.
- Configure Cisco VPN 3000 for IPSec over TCP or
IPSec over UDP.
- Configure Cisco VPN 3000 for LAN-to-LAN with pre-shared
keys.
- Configure Cisco VPN 3000 for LAN-to-LAN with digital
certificates
Course Outline
- Introduction
- Network Security and the Cisco Virtual Private
Network
- Overview of VPN and IPSec Technologies
- Cisco Virtual Private Network 3000 Concentrator
Series Hardware Overview
- Configure Cisco VPN 3000 for Remote Access Using
Pre-Shared Keys
- Configure Cisco VPN 3000 for Remote Access Using
Digital Certificates
- Configure Cisco VPN Firewall Feature for IPSec
Software Client
- Monitor and Administer Cisco Virtual Private Network
3000 Remote Access Networks
- Configure Cisco Virtual Private Network 3002 for
Remote Access Using Pre-Shared Keys
- Configuring Cisco 3002 Hardware Client for user
and unit authentication
- Configuring Cisco 3002 Hardware Client for backup
server, load balancing and reverse route injection
- Configuring Cisco 3002 Hardware Client for software
auto-update
- Configuring Cisco 3002 Hardware Client for IPSec
over TCP and UDP
- Cisco VPN 3000 LAN-to-LAN with Pre-Shared Keys
- Configure Cisco Virtual Private Network 3000 Site-to-Site
Using Digital Certificates
Course Content
This task-oriented course teaches the knowledge
and skills needed to needed to implement and use the principles
and axioms presented in the SAFE Small, Midsize and Remote User
White Paper on specific devices. The primary focus in on the labs,
which allow the students to build complete end-to-end security
solutions using SAFE SMR as the blueprint. The following devices
are covered and their configuration and functionality in a SAFE
SMR network are described in detail; IOS routers, PIX Firewalls,
VPN Concentrators, Cisco IDS Sensors, and the Cisco VPN Client.
Course Objectives
- Describe the need for network security.
- Identify the components of a complete security
policy.
- Explain that security is an ongoing process.
- Describe the four types of security threats.
- Identify the security issues implicit in common
management protocols.
- Discuss the SAFE design philosophy and how it
impacts the decision making process.
- Recognize why routers, switches, hosts, networks
and applications are targets.
- List the devices that are part of Cisco’s
security portfolio.
- Understand the basic guidelines to use for product
selection.
- Identify the functions of the key modules and
key devices in a small network.
- Identify the specific threats to the small network.
- List the threats mitigated in a SAFE compliant
remote user network.
- Discuss in detail the four different options for
providing secure remote user connectivity.
- Identify the mitigation roles of each of the key
devices in a secure remote user network.
Course Outline
- Cisco SAFE Design Implementation Course Introduction
- Security Fundamentals
- Architectural Overview
- The Cisco Security Portfolio
- SAFE Small Network Design
- SAFE Medium Network Design
- SAFE Remote-User Network Implementation
$8495.00
