Kurser

Kursusadministration

Brug for hjælp?

  • Gregersensvej 8
  • 2630 Taastrup
Google MapsApple MapsRejseplanen
  • Forskerparken Fyn, Forskerparken 10F
  • 5230 Odense M
Google MapsApple MapsRejseplanen
  • Teknologiparken Kongsvang Allé 29
  • 8000 Aarhus C
Google MapsApple MapsRejseplanen
  • NordsøcentretPostboks 104
  • 9850Hirtshals
Google MapsApple MapsRejseplanen
  • Gammel Ålbovej 1
  • 6092Sønder Stenderup
Google MapsApple MapsRejseplanen
NY_CISCO
5 dages virtual classroom

Implementing Cisco Secure Mobility Solutions

Kurset fokuserer på at give netværks sikkerhedsansvarlige den nødvendige viden og kvalifikationer til at skabe sikkerhed om data, der florerer i offentlige eller delte infrastrukturer og miljøer.

Virtuelle_kurser_ikoner

Virtuelt kursus

Dette virtuelle kursus foregår på din egen computer live via GoToMeeting med en engelsktalende underviser. Under kurset har du mulighed for at stille spørgsmål, deltage i diskussioner, se whiteboard på din skærm og lave lab øvelser.

Securing data in shared infrastructures.

Implementing Cisco Secure Mobility Solutions (SIMOS) v1.0 is a newly created five-day instructor-led training course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP© Security) certification. This course is designed to prepare network security engineers with the knowledge and skills they need to protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions. You will gain hands-on experience with configuring and troubleshooting remote access and site-to-site VPN solutions, using Cisco ASA adaptive security appliances and Cisco IOS routers.

Prerequisites

  • Cisco Certified Network Associate (CCNA®) certification
  • Cisco Certified Network Associate (CCNA®) Security certification [*Knowledge of Microsoft Windows operating system]

Target Audience

This course is intended for:

  • Network Security Engineers
  • Prerequisites

Content

At the end of this course you will be able to:

  • Describe the various VPN technologies and deployments as well as the cryptographic algorithms and protocols that provide VPN security.
  • Implement and maintain Cisco site-to-site VPN solutions.
  • Implement and maintain Cisco FlexVPN in point-to-point, hub-and-spoke, and spoke-to-spoke IPsec VPNs.
  • Implement and maintain Cisco clientless SSL VPNs.
  • Implement and maintain Cisco AnyConnect SSL and IPsec VPNs.
  • Implement and maintain endpoint security and dynamic access policies (DAP)

A brief overview of the course:

Module 1: The Role of VPNs in Network Security
  • VPN Definition
  • Key Threats to WANs and Remote Access
  • Cisco Modular Network Architecture and VPNs
  • VPN Types
  • VPN Components
  • Secure Communication and Cryptographic Services
  • Cryptographic Algorithms
  • Cryptography and Confidentiality
Module 2: Deploying Secure Site-to-Site Connectivity Solutions
  • Site-to-Site VPN Topologies
  • Site-to-Site VPN Technologies
  • Internet Key Exchange v1 and v2
  • Encapsulating Security Payload
  • Dynamic Multipoint VPN
  • Cisco IOS FlexVPN
  • Configure IKE Policy
  • Configure PSKs
  • Choose Transform Set and VPN Peer
  • Choose Traffic for VPN
  • Configuring Site-to-Site VPN with Connection Profiles Menu
  • Verify and Troubleshoot Basic Point-to-Point Tunnels on the Cisco ASA
  • Lab 2-1 Implement Site to Site Secure Connectivity on Cisco ASA
  • Overview of Cisco IOS VTIs
  • Configure Static VTI Point-to-Point Tunnels
  • DMVPN Solution Components
  • DMVPN Operations
  • Types of Authentication
  • Configure DMVPN on Hub
  • Configure DMVPN on Spoke
  • Configure Routing in DMVPN
Module 3: Deploying Cisco IOS Site-to-Site FlexVPN Solutions
  • FlexVPN Overview
  • Public Key Infrastructure (PKI)
  • Site-to-Site VPN Topologies
  • FlexVPN Architecture
  • IKEv2 vs. IKEv1 Overview
  • IKEv2 Message Exchange
  • IKEv2 DoS Prevention
  • FlexVPN Use Cases
  • Negotiating IKEv2 Proposals
  • Point-to-Point VPN Scenario with IPv4 Static Routes
  • Configure and Verify Point-to-Point VPN with IPv4 Static Routes
  • Point-to-Point VPN Scenario with OSPFv3
  • Configure a Spoke in a Hub-and-Spoke Scenario
  • Configure a Hub in a Hub-and-Spoke Scenario
  • Configuration Exchange
  • Verify and Troubleshoot Hub-and-Spoke FlexVPN
  • Lab 3-2: Implement Hub-to-Spoke Secure Connectivity Using Cisco IOS Flex VPN
  • Spoke-to-Spoke Shortcut Scenario
  • Troubleshoot Spoke-to-Spoke Shortcut Switching (just flowchart and important show/debug command output)
  • Lab 3-3: Implement Spoke-to-Spoke Secure Connectivity Using Cisco IOS Flex VPN
Module 4: Deploying SSL VPNs
  • Configure ASA gateway
  • Configure basic authentication
  • Configure access control (including URL entry and bookmarks)
  • Verify basic clientless SSL VPN
  • Troubleshoot basic clientless SSL VPN
  • Lab 4-1 Objective: Implement Basic Cisco Clientless SSL VPN on Cisco ASA
  • Deploying Application Access options (plug-ins, smart tunnels)
  • Lab 4-2 Objective: Application Access clientless SSL
  • Advanced Authentication in Cisco Clientless SSL VPN Solution Components
  • Lab 4-3 Objective: Advanced AAA Clientless SSL
Module 5: Deploying Cisco AnyConnect VPNs
  • IP Address assignment
  • Split Tunneling
  • Verify and Troubleshoot Basic Cisco AnyConnect SSL VPN
  • Lab 5-1 Objective: Implement Basic Cisco AnyConnect SSL VPN on Cisco ASA
  • DTLS Overview
  • Parallel DTLS and TLS Tunnels
  • Configure, Verify, and Troubleshoot Cisco AnyConnect Start Before Logon and Cisco AnyConnect Trusted Network Detection
  • Lab 5-2: Implement Advanced Cisco AnyConnect SSL VPN on Cisco ASA
  • AnyConnect Support for IPSec/IKEv2
  • Configure a Cisco AnyConnect IPsec/IKEv2 VPNs on a Cisco ASA Adaptive Security Appliance
  • Verify and Troubleshoot Cisco AnyConnect IPsec/IKEv2 VPNs on Cisco ASA
  • Lab 5-3: Configure Cisco AnyConnect IPsec/IKEv2 VPNs on Cisco ASA
  • Cisco AnyConnect Advanced Authentication Scenarios
  • Configure SCEP Proxy
  • Lab 5-3: Configure Cisco AnyConnect IPsec/IKEv2 VPNs on Cisco ASA
  • Lab 5-4: Implement Advanced Cisco AnyConnect SSL VPN on Cisco ASA
Module 6: Endpoint Security and Dynamic Access Policies
  • Cisco HostScan Overview
  • Cisco HostScan Prelogin Assessment
  • Install Cisco HostScan
  • Verifying and Troubleshooting DAP
  • Lab 6-1: Configure Hostscan and DAP for AnyConect SSL VPNs

Læs mere om vores virtuelle kurser og se svar på dine spørgsmål (FAQ).

Søgte du et andet virtuelt kursus?

Vi tilbyder virtuelle kurser inden for mange forskellige områder. Kontakt os på tlf. 72203000 eller kurser@teknologisk.dk, så vi kan hjælpe med at imødekomme dit behov.

Har du faglige spørgsmål så kontakt
Andre kurser