header
headerhomeService AreasCourse CatalogTraining SchedulesEnrollAbout UsCareers
   

 

Implementing Secure Converged Wide Area Networks (ISCW)

Powerful 5-Day Hands on Course


Course Description

Learn to secure the network environment using existing Cisco IOS security features and configure the three primary components of the Cisco IOS Firewall Feature set (Firewall, Intrusion Prevention System [IPS], and Authentication, Authorization, and Accounting [AAA]). In this task-oriented course, you'll get the knowledge and skills needed to secure Cisco IOS router networks. Expand the reach of your enterprise network to teleworkers and remote sites, and explore implementing a highly available network with connectivity options such as VPN and wireless.

 

Course Objectives

After completing this course the student should be able to:

  • Explain the Cisco hierarchical network model as it pertains to the WAN
  • Implement teleworker configuration and access
  • Implement and verify frame-mode MPLS
  • Configure a site-to-site IPsec VPN
  • Configure Cisco Easy VPN
  • Strategies used to mitigate network attacks
  • Configure Cisco device hardening
  • Configure IOS firewall features

Intended Audience

IT professionals, network administrators, and technicians who need to design, configure, or support a Cisco WAN that utilizes Cisco's remote access technologies. This course is highly recommended for people pursuing CCNP, CCDP, and CCIE certifications.

 

Prerequisites

Knowledge of the following:

Course Outline

1. Network Requirements

  • The IIN and the SONA framework
  • Cisco conceptual network models, such as Cisco Enterprise Architecture and Cisco hierarchical network model
  • Requirements for establishing secure remote connections in a converged network

2. Connect Teleworkers

  • Topologies for Facilitating Remote Connections
  • Cable Technology
  • DSL Technology
  • Configuring the CPE as the PPPoE and PPPoA Client
  • Verifying Broadband ADSL Configurations

3. Cisco Device Hardening

  • Mitigating Network Attacks
  • Securing Cisco Router Installations and Administrative Access
  • Configuring AAA on Cisco Routers
  • Disabling Unused Cisco Router Network Services and Interfaces
  • Securing Management and Reporting Features
  • Mitigating Threats and Attacks with Access Lists

4. Cisco IOS Threat Defense Features

  • Introducing the Cisco IOS Firewall
  • Implementing Cisco IOS Firewalls
  • Introducing Cisco IOS IPS
  • Configuring Cisco IOS IPS

5. IPsec VPNs

  • IPsec Components and IPsec VPN Features
  • Site-to-Site IPsec VPN Operations
  • Configuring IPsec Site-to-Site VPN Using SDM
  • Configuring GRE Tunnels over IPsec
  • High Availability Options
  • Configuring Cisco Easy VPN and Easy VPN Server Using SDM
  • Implementing the Cisco VPN Client

6. Implement Frame-Mode MPLS

  • Introducing MPLS Networks
  • Assigning MPLS Labels to Packets
  • Implementing Frame-Mode MPLS
  • MPLS VPN Technology

 

Course Labs

  • Lab 1: Remote Lab Environment
  • Lab 2: Configuring DSL (Simulation)
  • Lab 3: Securing Administrative Access
  • Lab 4: Authentication, Authorization, and Accounting (AAA)
  • Lab 5: IOS Device Security
  • Lab 6: Exclusive - Perimeter Router ACLs
  • Lab 7: Stateful Firewall
  • Lab 8: IOS IPS
  • Lab 9: Site-to-Site VPN
  • Lab 10: GRE over IPsec with a Backup Tunnel
  • Lab 11: Remote Access VPN
  • Lab 12: Frame Mode MPLS
  • Lab 13 : Troubleshooting (Optional)

 


TOP

 

 

 

 

 
 
   
 
Course Catalog Training Schedules Enroll Training Locations Cancellation Policy Contact Us Related Links Site Map
Service Areas Careers About Us Customer Quotes News & Events
 

CCIP, CCIE, CCDA, CCDP, CCNP, CCNA, VLANDirector, TrafficDirector, CiscoWorks 2000, ONS 15454 Secure PIX Firewal, Secure Virtual Private Networks, Cisco, Cisco Systems, Cisco Systems Logo, Catalyst, EtherChannel, IOS and LightStream are registered trademarks of Cisco Systems, Inc. or its affiliates in the US and certain other countries.