IC1382: SENSS - Implementing Cisco Edge Network Security Solutions

Course Length: 40 hrs

Prerequisites:
• Cisco Certified Network Associate (CCNA®) certification
• Cisco Certified Network Associate (CCNA®) Security certification
• Knowledge of Microsoft Windows operating system

Price: $2595

Format: Onsite, online

This course is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience to prepare them to configure Cisco perimeter edge security solutions utilizing Cisco switches, Cisco routers, and Cisco Adaptive Security Appliance (ASA) firewalls. You will acquire the foundational knowledge and capabilities to implement and manage security on Cisco ASA firewalls, Cisco routers with the firewall feature set, and Cisco switches. You will gain hands-on experience with configuring various perimeter security solutions for mitigating outside threats and securing network zones. At the end of the course, you will be able to reduce the risk to your IT infrastructures and applications using Cisco switches, Cisco ASA, and router security appliance feature, as well as provide detailed operations support for these products.

Topics Covered:

• Security threat landscape
• Implement Cisco modular network security architectures such as SecureX and TrustSec
• Deploy Cisco infrastructure management and control plane security controls
• Configure Cisco Layer 2 and Layer 3 data plane security controls
• Implement and maintain Cisco ASA Network Address Translations (NAT)
• Implement and maintain Cisco IOS Software NAT
• Designing and deploying Cisco Cyber Threat Defense solutions on a Cisco ASA utilizing access policy and application and identity based inspection
• Implement Botnet Traffic Filters
• Deploy Cisco IOS Zone-Based Policy Firewalls (ZBFW)
• Configure and verify Cisco IOS ZBFW Application Inspection Policy

Course Outline:

1. Secure Design Principles

• Course Overview
• Network Security Zoning
• Cisco Module Network Security Architecture
• Cisco SecureX Architecture
• Cisco TrustSec Solution

2. Deploying Network Infrastructure Protection

• Introducing Cisco Network Infrastructure Protection
• Deploying Cisco IOS Control Plane Security Controls
• Deploying Cisco IOS Management Plane Security Controls
• Deploying Cisco ASA Management Plane Security Controls
• Deploying Cisco Traffic Telemetry Methods
• Deploying Cisco IOS Layer 2 and Layer 3 Data Plane Security Controls

3. Deploying NAT on Cisco IOS and Cisco ASA

• Introducing Network Address Translation
• Deploying Cisco ASA Network Address Translation
• Deploying Cisco IOS Software Network Address Translation

4. Deploying Threat Controls on Cisco ASA

• Introducing Cisco Firewall Threat Controls
• Deploying Basic Cisco ASA Access Policies
• Deploying Advanced Cisco ASA Application Inspection Policies
• Deploying Cisco ASA Botnet Traffic Filtering
• Deploying Cisco ASA Identity Based Firewall

5. Deploying Threat Controls on Cisco IOS Software

• Deploying Basic Cisco IOS Software with Basic Zone-Based Firewall Access Policies
• Deploying Advanced Cisco IOS Software ZBFW with Application Inspection Policies

Notes: This course will prepare you for the SENSS exam.