Overview

Students will focus on the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies.

 

Objectives

In this course, you will secure your network infrastructure by implementing Cisco network security features at the management plane, control plane, and data plane.

 

You will:

  • Describe the fundamentals of networking security.
  • Describe network infrastructure security concepts.
  • Implement management plane security on Cisco IOS devices.
  • Implement ACLs for threat mitigation.
  • Implement data plane security on Cisco IOS devices.
  • Configure threat control and containment measures.
  • Configure security and NAT on Cisco ASA.
  • Implement Cisco IOS IPS.
  • Describe VPN technologies, PKI, and IPsec concepts.
  • Implement VPNs and Cisco AnyConnect.
  • Implement control plane security and additional data plane security features.
  • Configure secure network management services and 802.1x port-based authentication.

 

Audience

This course is designed for network security specialists, security administrators, and network security support engineers who are responsible for deploying and managing Cisco security products and features in a network infrastructure. Individuals should attend if their primary job responsibility is to secure a network from sophisticated threats.

 

This course is also designed for students who are seeking CCNA Security certification and who want to prepare for the Implementing Cisco Network Security (IINS) Exam 210-260.

 

Prerequisites

To ensure your success in this course, you should be familiar with basic networking and security concepts, and Cisco IOS networking features and concepts. You can obtain this level of skills and knowledge by taking the following courses:

  • Interconnecting Cisco Network Devices, Part 1 (ICND1)

 

Outline

Module 1: Networking Security Fundamentals

  • Network Security Concepts.
  • Security Policies Using a Life-Cycle Approach.
  • Network Topologies.

 

Module 2: Network Infrastructure Security

  • Introduction to Cisco NFP.
  • Introduction to Control Plane Security.
  • Introduction to Management Plane Security.
  • Introduction to Data Plane Security.

 

Module 3: Implementing Management Plane Security on Cisco IOS Devices

  • Secure Remote Access Using SSH.
  • Configure Custom Privilege Levels and Views.
  • Configure Cisco IOS and Key Network Services.

 

Module 4: Implementing ACLs for Threat Mitigation

  • Implement ACLs Using CLI.
  • Configure TCP Intercept and VACLs.

 

Module 5: Implementing Data Plane Security on Cisco IOS Devices

  • Content and Endpoint Security.
  • Configure VLANs, Trunks, and InterVLAN Routing.
  • Implement Layer 2 Security.

 

Module 6: Configuring Threat Control and Containment Measures

  • Fundamentals of Firewalls.
  • Implement Zone-Based Policy Firewalls Using Cisco IOS.

 

Module 7: Configuring Security and NAT on Cisco ASA

  • Configure ASA.
  • Implement NAT and PAT.

 

Module 8: Implementing Cisco IOS IPS

  • Fundamentals of IPS.
  • Configure Cisco IOS IPS.
  • Verify Cisco IOS IPS Configuration.

 

Module 9: VPN Technologies, PKI, and IPsec

  • Fundamentals of VPN Technologies.
  • Fundamentals of PKI.
  • Fundamentals of IPsec.

 

Module 10: Implementing VPNs and Cisco AnyConnect

  • Implement Site-to-Site VPNs on Cisco IOS Routers.
  • Implement SSL VPNs Using the Cisco ASA Appliance.
  • Implement Cisco AnyConnect Using the Cisco ASA Device Manager.

 

Module 11: Implementing Control Plane Security and Additional Data Plane Security Features

  • Configure Control Plane Security on Cisco IOS Devices.
  • Configure Control Plane Policing on Cisco IOS CLI.
  • Additional Data Plane Security Concepts.
  • Implement Policy-Based NAT on a Cisco ASA Appliance.

 

Module 12: Configuring Secure Network Management Service and 802.1x Port-Based Authentication

  • Configure Secure Network Management Services.
  • Configure 802.1x Port-Based Authentication.

 

Related Certification

  • CCNA Security (Exam 210-260 IINS)