Implementing Cisco IOS Network Security

Overview

This course allows learners to understand common security concepts, and deploy security features utilizing a variety of popular security appliances.

You will learn about most of LAN threats and vulnerabilities as well as their countermeasures and defense strategies. You will also learn about Firewall technologies and various virtual private networks (VPNs).

Prerequisites

      # ICND1 is mandatory

      # ICND2 & SWITCH are highly recommended

Related Certifications

# CCNA Security

Outline

Network Security Concepts

# Network Security Goals and Terminology

# Assets, Vulnerabilities and Countermeasures

# Security Threat & Defense Strategies

# Security Devices & Design Principles

# Best Practices for Cisco Device Hardening

 

Layer 2 Security

# Mitigating CAM Table attacks

# Mitigating Storm attacks

# Mitigating Vlan, STP and FHRP attacks

# Mitigating DHCP and IP Spoofing attacks

# Mitigating ARP Spoofing and Poisoning attacks

# Implementing AAA using ACS Server

# Implementing 802.1X Features:

- Port-Based Authentication

VLAN Assignment

Guest & Auth-Fail VLANs

802.1x Bypass

802.1x Timers

 

Firewall Technologies

# Survey of Firewall Technologies

# Cisco IOS Zone-Based Firewall

# ASA Firewall Overview

# Basic ASA Configuration using CLI & GUI

# Deploying Firewall Services on ASA Firewalls

# FirePOWER & NGN Firewall overview

 

 Virtual Private Networks

# Cryptography overview

# Public Key Infrastructure

# IPsec VPN Components & Operations

# Site-to-Site IPsec VPN

# Client-based & Clientless SSL VPN

Lab Topology

 

Note: This training contains extensive hands-on lab using real devices (exactly as used in customer companies), what will allow you to perfectly master the exact behavior of technologies, instead of being limited with unavailable commands and abnormal and non-logical behavior of simulators and virtual platforms.

Hands-On Labs

Network Security Concepts

# Lab 1: Mitigating Reconnaissance Attacks

# Lab 2: Securing Access

# Lab 3: Securing Routing Protocols

# Lab 4: Harden Cisco IOS Devices

 

Layer 2 Security

# Lab 5: Implementing Port Security with advanced features

# Lab 6: Implementing Storm Control

# Lab 7: Securing Vlan, STP and FHRP

# Lab 8: Implementing DHCP Snooping with advanced features

# Lab 9: Implementing DAI with advanced features

# Lab 10: Implementing IP Source Guard

# Lab 11: Implementing AAA using ACS Server

# Lab 12: Implementing 802.1X

 

Firewall Technologies

# Lab 13: Implementing Cisco IOS Zone-Based Firewall

# Lab 14: Basic ASA Configuration using CLI & GUI

# Lab 15: Deploying Firewall Services on ASA Firewalls

# Lab 16: FirePOWER & NGN Firewall overview

 

 Virtual Private Networks

# Lab 17: Implementing Site-to-Site IPsec VPN

# Lab 18: Implementing GRE over IPsec VPN

# Lab 19: Implementing Client-based & Clientless SSL VPN

Duration

# 5 Days /35 Hours

Pricing

# Student Price: 44 000 DA

# Regular Price: 100 000 DA

Register Now