5-day Course
Course Description
In this Mini Camp based on Authorized Cisco IPS and SNRS course material,
learn to configure, maintain, and operate the Cisco 4215 IDS Sensor and learn to
secure Cisco IOS router and switch networks. IPS and SNRS are recommended
training for Cisco Certified Security Professional (CCSP) certification.
Deploy Cisco's recently updated, network-based Intrusion Prevention System (IPS) Version 5.0, which includes new features such as in-line protection, meta-event generation, and the application firewall. This Mini Camp introduces you to Cisco IDS detection platforms including 4200 Series Sensors, Catalyst 6000 Series Intrusion Detection Module 2 (IDSM2), and IDS Network Module (NM-CIDS). Configure the sensor using the Command-Line Interface and the IPS Device Manager.
Secure the network using existing Cisco IOS security features on both routers and switches. Configure Authentication, Authorization, and Accounting using an IOS router and Cisco Secure Access Control Server. Configure the three primary components of the Cisco IOS Firewall feature set: Context-Based Access Control [CBAC], Intrusion Prevention System, and Authentication Proxy. Also, implement secure tunnels (VPNs) using IPSec technology, and implement basic access switch security. In addition, complete a security audit using functions embedded in Cisco Security Device Manager.
Attend this Mini Camp for the most relevant, hands-on, real-world experience available from any training provider. Apply what you learn in labs based on a single, enhanced topology designed to simulate a typical production network instead of a classroom.
Course Objectives
In this course students will learn:
IPS
- Basic intrusion prevention terminology
- The different intrusion prevention technologies and evasive techniques
- Design a Cisco IPS solution for small, medium, and enterprise customers
- Cisco IPS Sensor platforms and their features
- Install and configure a Cisco IPS Sensor
- Tune Cisco IPS signatures to work optimally in unique network environments
- Create and implement customized intrusion prevention signatures
- Create alarm filters to reduce alarms and possible false positives
- Configure IPS protective reactions such as TCP reset and deny attacker inline
- Configure a Cisco IPS Sensor to perform blocking on IOS routers and PIX firewalls
- Perform maintenance operations such as signature updates and software upgrades
SNRS
- Configure and maintain Network Address Translation (NAT). Explore advanced topics in NAT and learn how NAT affects other security technologies
- Authentication, Authorization, and Accounting using Cisco Secure ACS, including advanced topics such as command authorization lists and network device groups
- Using IOS routers as stateful packet inspection firewalls using CBAC
- Controlling per-user network authorization using Authentication Proxy
- Cisco's new IPS technology based on the technology used in Cisco IPS sensor appliances and moved to the router, so signatures are more numerous, more powerful, and more flexible
- Layer 2 security issues
- 802.1x authentication, allowing you to control access to a Layer 2 network such as an Ethernet switched network
- IPSec-based VPN technology
- Configuring Site-to-Site IPSec using Pre-Shared Keys
- Using Digital Certificates as an IPSec authentication method
- Remote Access VPN using the Cisco VPN Client software and the Easy VPN Server on the IOS router
- Using Security Device Manager (SDM) to configure and monitor the security features of Cisco routers
Intended Audience
Cisco customers who need to implement, maintain, and secure Cisco IOS router and switch networks and Cisco's intrusion prevention system; Networking professionals tasked with ensuring the effective use of Cisco VPN technologies within their networks; Cisco channel partners who sell, implement, and maintain IOS firewall, IPS, and VPN devices; and Cisco systems engineers who support the sale of secure IOS router and switch networks.
This course is specifically designed for students preparing for the CCSP Certification exam.
Course Outline
IPS
- Defining Security Fundamentals
- Explaining Intrusion Prevention
- Getting Started with the IPS Command-Line Interface
- Using IPS Device Manager
- Configuring the Sensor
- Working with Signatures and Alerts
- Describing Signature Engines
- Configuring Signatures
- Tuning the Sensor
- Configuring Blocking
- Maintaining the Sensor
- Monitoring the Sensor
- Installing and Maintaining the NM-CIDS
- Installing and Maintaining the IDSM-2
SNRS
- Network Address Translation
- Cisco Secure ACS for Windows Configuration
- Configuring Cisco IOS Security Features
- Layer 2 Security
- Cisco IOS-Based Virtual Private Networks
- Cisco Security Device Manager (SDM)
Course Labs
IPS
- Lab 1: Remote Lab Environment
- Lab 2: Initialize the Sensor
- Lab 3: The IPS Command Line
- Lab 4: Introduction to IDM
- Lab 5: Configuring the Sensor
- Lab 6: Working with Signatures
- Lab 7: Study Built-In Signatures Lab
- Lab 8: Signature Configuration
- Lab 9: Sensor Tuning
- Lab 10: Blocking
- Lab 11: Sensor Maintenance
- Lab 12: Monitoring the Sensor
SNRS
- Lab 1: Remote Lab Environment
- Lab 2: Network Address Translation Lab
- Lab 3: Authentication, Authorization, and Accounting (AAA) with Cisco Secure ACS
- Lab 4: Context Based Access Control
- Lab 5: Authentication Proxy
- Lab 6: Intrusion Prevention System
- Lab 7: Switch Security
- Lab 8: 802.1x Authentication
- Lab 9: Site-to-Site IPSec Tunnels with Pre-Shared Keys
- Lab 10: Site-to-Site IPSec Tunnels with Digital Certificates
- Lab 11: Cisco Secure VPN Client
- Lab 12: SD
|
