Cisco SECUR Training Securing IOS Networks
 Training Description
The days of booting a router, configuring a couple of IP addresses and a routing protocol and leaving the router exposed are over. In today's security conscious networks we need to unleash the new and
significant security tools within the Cisco ® router IOS. This class will introduce the student to the wide range of security specific tools and techniques, and then teach the student how to leverage these
tools such as Context Based Access Control, which gives an IOS router PIX Firewall like qualities. Other critical configuration skills taught in the class include IPSec, Intrusion Detection and
Authentication Proxy, which utilizes an ACS server.
Objectives
After completing this course the student should be able to:
- Identify network security threats
- Secure remote access using Cisco ® Secure ACS for Windows 2000 and Cisco ® IOS AAA software features
- Protect Internet access by configuring a Cisco ® perimeter router
- Configure the Cisco ® IOS Firewall Feature Set Context-Based Access Control
- Configure Cisco ® IOS Firewall Authentication Proxy
- Configure Cisco ® IOS Firewall Intrusion Detection System
- Use IPSec features in Cisco ® IOS software to create a secure site-to-site VPN using pre-shared keys and digital certificates
- Use Cisco ® Easy VPN features to create a secure remote access VPN solution
- Use Cisco ® Router Management Center to manage Cisco ® Router VPN implementations
Training Course includes
- 24 hours of instructor led full multi-media interactive training. The recorded version of the live now training
course.
- One year unlimited access to Online Live Classes and recorded version 24 x 7.
- Our courseware provides a wholly different – and uniquely effective – learning experience.
- Train at your own pace, when you want to at Home or at Work
- Engaging course demos and real-world examples
- Review questions to test one's retention
- Training conducted by Cisco Authorized Trainers with at least 10 years of experience in the field. CCIE and Double CCIE Credentials
- Cisco Authorized Training - Guarantees you always getting the finest training available
- Ask About Our Live Classes Nationally
|
Online SECUR Training Course
Practice Exam Quizzers
Supplemental Reading Material
Simulated Labs
One Year
|
kncsecuro
|
$1195.00
|
|
|
Cisco All Access
Over 36 courses CCNA, CCNP, CCSP and CCVP
One Year Access 24 x 7 Details
|
kncisall
|
$2400.00
|
|
Cisco ® Training for SECUR Course CD-ROM or Online
Audience
This course is for anyone who is responsible for designing, maintaining or implementing a Cisco ® IOS router in a security conscious network environment.
Prerequisites
Students should have completed the ICND course, obtained a CCNA certification, or have equivalent experience.
Included Materials Interactive Self-Paced courses provide:
- Unlimited 24 x 7 access to Campus for the entire program (all courses are launched from a personalized web site that organizes and manages your training experience). Live Now and Learn Now
- Hands-on Labs - a perfectly simulated, real-world environment to test skills without risk.
- Engaging course demos and real-world examples
- Access to a variety of training resources and certification information.
Included Labs
- Configuring AAA Security
- Installing Cisco ®Secure ACS
- TACACS+, AAA, and Server-Groups
- Cisco ® Router Threat Mitigation
- Configure CBAC on Perimeter Router
- Configuring AUTH-PROXY on the Perimeter router
- Configuring IDS on Perimeter Router
- Configure GRE Tunnel
- Configuring IPSec using Pre-shared keys
- Configuring IPSec with Digital Certificates
- Configuring Remote Access Using Cisco ® Easy VPN
- Managing Enterprise VPN Routers
- Managing Enterprise VPN Routers Part II
Our Instructors
Live Now Instructors Profiles
Outline Securing Cisco ® IOS ™ Networks (SECUR) Training Course
Module 1: Course Introduction & Module 2: Security Fundamentals
- The Closed Network
- What Is a Security Policy?
- Variety of Attacks
- Reconnaissance Attacks
- Access Attacks
- Denial of Service Attacks
- Worm, Virus, and Trojan Horse Attacks
- Configuration Management
- Summary
Module 3: Basic Cisco ® Router Security
- Installation Risk Assessment
- Connect to Router Console Port
- AAA Model - Network Security Architecture
- Authenticating Router Access
- Summary
- Configuring AAA Security
Module 4: Advanced AAA Security for Cisco ® Router Networks
- Cisco ® Secure ACS Products
- Cisco ® Secure ACS for UNIX (Solaris) Features
- Cisco ® Secure ACS for Windows Server - Installation Overview
- Cisco ® Secure ACS for Windows Server - Administration Procedures
- TACACS+ Overview
- AAA TACACS+ Troubleshooting
- 0 RADIUS Background
- Kerberos-Authenticated Server-Client System
- Summary
- Installing Cisco ®Secure ACS
- TACACS+, AAA, and Server-Groups
Module 5: Cisco ® Router Threat Mitigation
- Standalone Perimeter Router
- Vulnerable Router Services
- Identifying Access Lists
- Traffic Filtering
- Telnet Service Filtering
- IP Address Spoof Mitigation - Inbound
- DDoS Attack Mitigation - Trin00
- Theoretical Network - Sample Configuration for Router R2
- Syslog Systems
- What Is AutoSecure?
- Summary
- Cisco ® Router Threat Mitigation
Module 6: Cisco ® IOS Firewall Context-Based Access Control Configuration
- The Cisco ® IOS ™ Firewall Feature Set
- Cisco ® IOS ™ ACLs
- TCP, SYN, and FIN Wait Times
- Port-to-Application Mapping
- Inspection Rules for Application Protocols
- Apply an Inspection Rule to an Interface
- Show Commands
- Summary
- Configure CBAC on Perimeter Router
Module 7: Cisco ® IOS Firewall Authentication Proxy
- What Is the Authentication Proxy?
- Create auth-proxy Service in the Cisco ® Secure ACS
- Enable AAA
- Set Global Timers
- Show Commands
- Summary
- Configuring AUTH-PROXY on the Perimeter router
Module 8: Cisco ® IOS Intrusion Detection System
- Cisco ® IOS IDS
- Set Notification Type
- Configure Spam Attack
- Packet Auditing Process
- Show Commands
- Summary
- Configuring IDS on Perimeter Router
Module 9: Building IPSEC VPNS Using Cisco ® Routers
- VPN Definition
- What Is IPSec?
- IPSec Security Protocols
- Five Steps of IPSec
- Tasks to Configure IPSec Encryption
- Task 1 - Prepare for IKE and IPSec
- Task 2 - Configure IKE
- Task 3 - Configure IPSec
- Crypto ipsec security-association lifetime Command
- Purpose of Crypto ACLs
- Purpose of Crypto Maps
- Applying Crypto Maps to Interfaces
- Task 4 - Test and Verify IPSec
- Setting Manual Keys with security-association Commands
- Summary
- Configure GRE Tunnel
- Configuring IPSec using Pre-shared keys
Module 10: Building Advanced IPSec VPNs Using Cisco ® Routers and Certificate Authorities
- Configure CA Support Tasks
- Task 1 - Prepare for IPSec
- Cisco ® IOS Software CA Support Standards
- Cisco ® IOS Software CA Configuration Procedure
- Task 3 - Configure IKE
- Steps to Complete Task 4 - Configure IPSec
- Steps to Complete Task 5 - Test and Verify IPSec
- Summary
- Configuring IPSec with Digital Certificates
Module 11: Configuring Cisco ® IOS Remote Access Using Cisco ® Easy VPN
- Cisco ® Easy VPN Components
- Easy VPN Remote Connection Process
- Easy VPN Server General Configuration Tasks
- Configuring Easy VPN Remote for the Cisco ® VPN Client 3.x - General Tasks
- VPN Client Program Menu
- Configuration Methods for Easy VPN Remote Access Routers
- Summary
- Configuring Remote Access Using Cisco ® Easy VPN
Module 12: Using Security Device Manager
- What Is Security Device Manager?
- Supported Cisco ® Routers and Cisco ® IOS Software Releases
- Router Administration Using SDM
- SDM Main Window Layout and Navigation
- Demo: WAN Wizard - Create a New WAN Connection
- Firewall Wizard - Main Window
- VPN Wizard - Main Window
- Security Audit - Overview
- Reset to Factory Default Wizard
- Demo: Advanced Mode - Overview
- Summary
Module 13: Using Router MC
- What Is Router MC?
- Installation Process
- Cisco ®Works Login
- Action for Activity>Create
- Devices>Device Hierarchy
- Devices>Device Import
- Select Objects
- Configuration>IKE
- Approve Activity
- View Existing Jobs
- General Firewall Settings
- Configuration>Access Rules
- Configuration>Building Blocks
- Configuration>Upload
- Summary
- Managing Enterprise VPN Routers
- Managing Enterprise VPN Routers Part II
|
