Powerful 5-Day Hands on Course
Course Description
Learn to secure the network environment using existing Cisco IOS security features and configure the three primary components of the Cisco IOS Firewall Feature set (Firewall, Intrusion Prevention System [IPS], and Authentication, Authorization, and Accounting [AAA]). In this task-oriented course, you'll get the knowledge and skills needed to secure Cisco IOS router networks. Expand the reach of your enterprise network to teleworkers and remote sites, and explore implementing a highly available network with connectivity options such as VPN and wireless.
Course Objectives
After completing this course the student should be able to:
- Explain the Cisco hierarchical network model as it pertains to the WAN
- Implement teleworker configuration and access
- Implement and verify frame-mode MPLS
- Configure a site-to-site IPsec VPN
- Configure Cisco Easy VPN
- Strategies used to mitigate network attacks
- Configure Cisco device hardening
- Configure IOS firewall features
Intended Audience
IT professionals, network administrators, and technicians who need to design, configure, or support a Cisco WAN that utilizes Cisco's remote access technologies. This course is highly recommended for people pursuing CCNP, CCDP, and CCIE certifications.
Prerequisites
Knowledge of the following:
Course Outline
1. Network Requirements
- The IIN and the SONA framework
- Cisco conceptual network models, such as Cisco Enterprise Architecture and Cisco hierarchical network model
- Requirements for establishing secure remote connections in a converged network
2. Connect Teleworkers
- Topologies for Facilitating Remote Connections
- Cable Technology
- DSL Technology
- Configuring the CPE as the PPPoE and PPPoA Client
- Verifying Broadband ADSL Configurations
3. Cisco Device Hardening
- Mitigating Network Attacks
- Securing Cisco Router Installations and Administrative Access
- Configuring AAA on Cisco Routers
- Disabling Unused Cisco Router Network Services and Interfaces
- Securing Management and Reporting Features
- Mitigating Threats and Attacks with Access Lists
4. Cisco IOS Threat Defense Features
- Introducing the Cisco IOS Firewall
- Implementing Cisco IOS Firewalls
- Introducing Cisco IOS IPS
- Configuring Cisco IOS IPS
5. IPsec VPNs
- IPsec Components and IPsec VPN Features
- Site-to-Site IPsec VPN Operations
- Configuring IPsec Site-to-Site VPN Using SDM
- Configuring GRE Tunnels over IPsec
- High Availability Options
- Configuring Cisco Easy VPN and Easy VPN Server Using SDM
- Implementing the Cisco VPN Client
6. Implement Frame-Mode MPLS
- Introducing MPLS Networks
- Assigning MPLS Labels to Packets
- Implementing Frame-Mode MPLS
- MPLS VPN Technology
Course Labs
- Lab 1: Remote Lab Environment
- Lab 2: Configuring DSL (Simulation)
- Lab 3: Securing Administrative Access
- Lab 4: Authentication, Authorization, and Accounting (AAA)
- Lab 5: IOS Device Security
- Lab 6: Exclusive - Perimeter Router ACLs
- Lab 7: Stateful Firewall
- Lab 8: IOS IPS
- Lab 9: Site-to-Site VPN
- Lab 10: GRE over IPsec with a Backup Tunnel
- Lab 11: Remote Access VPN
- Lab 12: Frame Mode MPLS
- Lab 13 : Troubleshooting (Optional)
|
