5-day Course
Course
Description
This lab-intensive course allows you to integrate and test Cisco Systems® security products and security best practices that comprise the Cisco® Enterprise Data Center Architecture. Implement and integrate the Cisco Catalyst® 6500 Series Firewall Services Module (FWSM), the Cisco Catalyst 6500 Series Intrusion Detection System Module (IDSM-2), and two Cisco anomaly detection devices: Cisco Traffic Anomaly Detectors and Cisco Guard DDoS mitigation appliances.
In hands-on labs, learn to use commonly available network test applications as well as scripts that you can use to verify that implemented security techniques are successful. You will also learn best practices for implementing Layer 2 and Layer 3 security, with hands-on practice implementing features such as port security and private VLANs.
Course Objectives
In this course students will learn:
- Identify and classify specific threats to which the data center is subject
- Analyze a given data center network topology and define and document a security hierarchy
- Outline security techniques available to minimize security threats in the data center network
- Prioritize security events and implement appropriate measures to mitigate future events in the data center network
- Configure Cisco Security MARS monitoring devices to gather information from routers, switches, FWSMs, IDSMs, and Cisco Security Agent
- Configure a Cisco Security MARS global controller as a central reporting point for security events
- Configure, verify, and troubleshoot Layer 2 and Layer 3 security techniques
- Implement and troubleshoot the Cisco Catalyst 6500 FWSM at the Internet edge and aggregation layers
- Implement intrusion detection systems (IDSs) at the aggregation and access layers
- Configure Cisco Security Agent to protect hosts
- Configure Cisco Guard and Cisco Traffic Anomaly Detectors to identify and redirect attacks on the data center network
Intended Audience
Data center managers and administrators, network administrators, security professionals, and engineers interested in deploying and securing Cisco network data center solutions.
This course is one of several courses in a curriculum that addresses both design and best implementation practices and offers hands-on experience in configuring and deploying Cisco Business-Ready Data Center solutions.
Course Outline
- Introduction
- Cisco Enterprise Data Center Architecture Security Overview
- Monitoring the Enterprise Data Center (Cisco Security MARS)
- Securing Layer 2 and Layer 3
- Implementing Cisco Catalyst 6500 FWSM at Internet Edge and Aggregation Layers
- Implementing IDSs, Intrusion Prevention Systems (IPSs), and Cisco Security Agent
- Analysis and Response with Cisco Security MARS
- Implementing Cisco Guard DDoS Mitigation Appliances and Cisco Traffic Anomaly Detectors
Course Labs
- Lab 1: Student Pod Configuration and Network Evaluation
- Lab 2: Monitoring the Enterprise Data Center (Cisco Security MARS)
- Lab 3: Implementing Layer 2 and Layer 3 Security: Address Resolution Protocol (ARP) inspection, Unicast Reverse Path Forwarding (URPF), Port Security, and Private VLANs
- Labs 4 and 5: Implementing Cisco Catalyst 6500 FWSM in Single-Context Routed and Multicontext Transparent Mode
- Labs 6 and 7: Implementing the Cisco Catalyst 6500 IDSM-2 (IDS and IPS: Inline Modes)
- Lab 8: Implementing Cisco Security Agent and Security Testing
- Lab 9: Analysis and Response Reporting with Cisco Security MARS
- Lab 10: Implementing Cisco Guard DDoS Mitigation Appliances, Cisco Traffic Anomaly Detectors, and Security Testing
|
