IINS - Implementing Cisco IOS Network Security 3.0
Course Description
In this course, you will learn about the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies as examples. You will also learn about security controls of Cisco IOS devices as well as a functional introduction to the Cisco ASA adaptive security appliance. Using instructor-led discussion, lecture, and hands-on lab exercises, this course allows you to perform basic tasks to secure a small branch office network using Cisco IOS security features, which are available through web-based GUIs (Cisco Configuration Professional) and the CLI on Cisco routers, switches, and Cisco ASA appliances.
A Global Knowledge Exclusive: You Get...
- An enhanced lab topology based on our Flexible Security Architecture that represents a real-world network
- 10 extra e-Lab credits, good for 30 days, so you can practice and refine your skills
- Enhanced content that exceeds standard authorized Cisco content
- World-class Certified Cisco Systems Instructors
What You'll Learn
- Develop a comprehensive network security policy to counter threats against information security
- Configure routers with Cisco IOS Software security features, including management and reporting functions
- Configure IPv6 addressing, routing, and access control in Cisco network routers
- Bootstrap the Cisco Adaptive Security Appliance (ASA) Firewall for use in a production network
- Configure the Cisco ASA Firewall for remote access SSL VPN
- Configure a Cisco IOS zone-based firewall (ZBF) to perform basic security operations on a network
- Configure site-to-site VPNs using Cisco IOS features
- Configure IOS IPS on Cisco network routers
- Configure security features on IOS switches to mitigate various Layer 2 attacks
- How a network can be compromised using freely available tools
- Implement line passwords, and enable passwords and secrets
- Examine Authentication, Authorization, and Accounting (AAA) concepts and features using the local database as well as Cisco Secure ACS 5.2
- Run a CCP security audit and analyze the results
- Configure packet filtering on the Perimeter Router
- Define a virtual tunnel interface Using GRE with IPsec
Who Should Attend
- Network designers
- Network SAN security administrators
- Network, systems, and security engineers
- Network and security managers
Prerequisites
- Working knowledge of the Windows operating system
- ICND1 v2.0 - Interconnecting Cisco Networking Devices, Part 1
Course Outline
Lessons
Lesson 1: Networking Security Fundamentals
- Introducing Networking Security Concepts
- Understanding Security Policies Using a Life-Cycle Approach
- Building a Security Strategy for Borderless Networks
Lesson 2: Protecting the Network Infrastructure
- Introducing Cisco Network Foundation Protection
- Protecting the Network Infrastructure Using Cisco Configuration Professional
- Securing the Management Plane on Cisco IOS Devices
- Configuring AAA on Cisco IOS Devices Using Cisco Secure ACS
- Securing the Data Plane on Cisco Catalyst Switches
- Securing the Data Plane in IPv6 Environments
Lesson 3: Threat Control and Containment
- Planning a Threat Control Strategy
- Implementing Access Control Lists for Threat Mitigation
- Understanding Firewall Fundamentals
- Understanding Firewall Fundamentals
- Configuring Basic Firewall Policies on Cisco ASA Appliances
- Understanding IPS Fundamentals
- Topic 3G: Implementing Cisco IOS IPS
Lesson 4: Secure Connectivity
- Understanding the Fundamentals of VPN Technologies
- Introducing Public Key Infrastructure
- Examining IPsec Fundamentals
- Implementing Site-to-Site VPNs on Cisco IOS Routers
- Implementing SSL VPNs Using Cisco ASA Appliances
Labs
Lab 1: Performing Ethical Hacking
Lab 2: Securing Administrative Access with the CLI
Lab 3: Introduction to Cisco Configuration Professional (CCP)
Lab 4: Securing Management and Reporting
Lab 5: Configuring IOS AAA with Cisco ACS
Lab 6: Implementing Layer 2 Security
Lab 7: Implementing ACLs and IPv6
Lab 8: Configuring IOS Zone-Based Firewall
Lab 9: Basic Setup of Cisco ASA Firewall using ASDM
Lab 10: Configuring Cisco IOS IPS
Lab 11: Configuring Site-to-Site VPN using IPsec
Lab 12: Configuring Site-to-Site VPN using GRE and IPsec
Lab 13: Implementing Remote Access SSL VPN on Cisco ASA Firewall
RELATED TRAINING
- CCNAX v3.0 - CCNA Routing and Switching Boot Camp5 days
- ICND1 v3.0 - Interconnecting Cisco Networking Devices, Part 15 days
- ICND2 v3.0 - Interconnecting Cisco Networking Devices, Part 25 days
- ROUTE - Implementing Cisco IP Routing v2.05 days
- SWITCH - Implementing Cisco IP Switched Networks v2.05 days
- CCNA-DC - CCNA Data Center Boot Camp5 days
- DCNX5K - Implementing the Cisco Nexus 5000 and 2000 v3/15 days
- DCNX7K - Configuring Cisco Nexus 7000 Switches v3.15 days
- DCUCI - Data Center Unified Computing Implementation v5.05 days
- DCUFI - Implementing Cisco Data Center Unified Fabric v6.05 days
- IINS - Implementing Cisco IOS Network Security 3.05 days
- SASAC - Implementing Core Cisco ASA Security v1.05 days
- SISE - Implementing and Configuring Cisco Identity Services Engine v2.15 days
- ACUCW1 - Administering Cisco Unified Communications Workspace Part 1: Basic v10.55 days
- CICD - Implementing Cisco Collaboration Devices5 days
- CIPTV1 - Implementing Cisco IP Telephony & Video Part 1 v1.05 days
- CVOICE - Implementing Cisco Unified Communications Voice over IP and QoS v8.05 days