IINS - Implementing Cisco IOS Network Security 3.0

5 days
Please contact FMC to schedule.

Course Description

In this course, you will learn about the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies as examples. You will also learn about security controls of Cisco IOS devices as well as a functional introduction to the Cisco ASA adaptive security appliance. Using instructor-led discussion, lecture, and hands-on lab exercises, this course allows you to perform basic tasks to secure a small branch office network using Cisco IOS security features, which are available through web-based GUIs (Cisco Configuration Professional) and the CLI on Cisco routers, switches, and Cisco ASA appliances.

A Global Knowledge Exclusive: You Get...

  • An enhanced lab topology based on our Flexible Security Architecture that represents a real-world network
  • 10 extra e-Lab credits, good for 30 days, so you can practice and refine your skills
  • Enhanced content that exceeds standard authorized Cisco content
  • World-class Certified Cisco Systems Instructors

What You'll Learn

  • Develop a comprehensive network security policy to counter threats against information security
  • Configure routers with Cisco IOS Software security features, including management and reporting functions
  • Configure IPv6 addressing, routing, and access control in Cisco network routers
  • Bootstrap the Cisco Adaptive Security Appliance (ASA) Firewall for use in a production network
  • Configure the Cisco ASA Firewall for remote access SSL VPN
  • Configure a Cisco IOS zone-based firewall (ZBF) to perform basic security operations on a network
  • Configure site-to-site VPNs using Cisco IOS features
  • Configure IOS IPS on Cisco network routers
  • Configure security features on IOS switches to mitigate various Layer 2 attacks
  • How a network can be compromised using freely available tools
  • Implement line passwords, and enable passwords and secrets
  • Examine Authentication, Authorization, and Accounting (AAA) concepts and features using the local database as well as Cisco Secure ACS 5.2
  • Run a CCP security audit and analyze the results
  • Configure packet filtering on the Perimeter Router
  • Define a virtual tunnel interface Using GRE with IPsec

Who Should Attend

  • Network designers
  • Network SAN security administrators
  • Network, systems, and security engineers
  • Network and security managers

Prerequisites

Course Outline

Lessons

Lesson 1: Networking Security Fundamentals

  • Introducing Networking Security Concepts
  • Understanding Security Policies Using a Life-Cycle Approach
  • Building a Security Strategy for Borderless Networks

Lesson 2: Protecting the Network Infrastructure

  • Introducing Cisco Network Foundation Protection

-Protecting the Network Infrastructure Using Cisco Configuration Professional

  • Securing the Management Plane on Cisco IOS Devices
  • Configuring AAA on Cisco IOS Devices Using Cisco Secure ACS
  • Securing the Data Plane on Cisco Catalyst Switches
  • Securing the Data Plane in IPv6 Environments

Lesson 3: Threat Control and Containment

  • Planning a Threat Control Strategy
  • Implementing Access Control Lists for Threat Mitigation
  • Understanding Firewall Fundamentals
  • Understanding Firewall Fundamentals
  • Configuring Basic Firewall Policies on Cisco ASA Appliances
  • Understanding IPS Fundamentals
  • Topic 3G: Implementing Cisco IOS IPS

Lesson 4: Secure Connectivity

  • Understanding the Fundamentals of VPN Technologies
  • Introducing Public Key Infrastructure
  • Examining IPsec Fundamentals
  • Implementing Site-to-Site VPNs on Cisco IOS Routers
  • Implementing SSL VPNs Using Cisco ASA Appliances

Labs

Lab 1: Performing Ethical Hacking

Lab 2: Securing Administrative Access with the CLI

Lab 3: Introduction to Cisco Configuration Professional (CCP)

Lab 4: Securing Management and Reporting

Lab 5: Configuring IOS AAA with Cisco ACS

Lab 6: Implementing Layer 2 Security

Lab 7: Implementing ACLs and IPv6

Lab 8: Configuring IOS Zone-Based Firewall

Lab 9: Basic Setup of Cisco ASA Firewall using ASDM

Lab 10: Configuring Cisco IOS IPS

Lab 11: Configuring Site-to-Site VPN using IPsec

Lab 12: Configuring Site-to-Site VPN using GRE and IPsec

Lab 13: Implementing Remote Access SSL VPN on Cisco ASA Firewall