Course Introduction

This five day instructor-led training course is a part of the route to CCNP Security certification.

Implementing Cisco Secure Mobility Solutions

This course prepares network security engineers with the knowledge and skills required to secure data being transferred over a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions. The candidates gain hands-on experience by configuring and troubleshooting remote access and site-to- site VPN solutions, using Cisco ASA adaptive security appliances and Cisco IOS routers.

Course Content

The Role of VPNs in Network Security

  • VPN Definition
  • Key Threats to WANs and Remote Access
  • Cisco Modular Network Design and VPNs
  • VPN Types
  • VPN Components
  • Secure Communication and Cryptographic Services
  • Cryptographic Algorithms
  • Cryptography and Confidentiality
  • Cryptography and Integrity
  • Cryptography and Authentication
  • Cryptography and Nonrepudiation
  • Keys in Cryptography
  • Public Key Infrastructure
  • Next-Generation Encryption
  • Dependencies in Cryptographic Services
  • Cryptographic Controls Guidelines

Deploying Secure Site-to- Site Connectivity Solutions

  • Site-to- Site VPN Topologies
  • Site-to- Site VPN Technologies
  • IPsec VPN Overview
  • Internet Key Exchange v1 and v2
  • Encapsulating Security Payload
  • IPsec Virtual Tunnel Interface
  • Dynamic Multipoint VPN
  • Cisco IOS FlexVPN
  • Overview of Point-to- Point IPsec VPNs on the Cisco ASA
  • Configuration Tasks for Basic Point-to- Point Tunnels on the Cisco ASA
  • Enable IKE on an Interface
  • Configure IKE Policy
  • Configure PSKs
  • Choose Transform Set and VPN Peer
  • Choose Traffic for VPN
  • Configuring Site-to- Site VPN with Connection Profiles Menu
  • Verify and Troubleshoot Basic Point-to- Point Tunnels on the Cisco ASA
  • Lab
  • Overview of Cisco IOS VTIs
  • Configure Static VTI Point-to- Point Tunnels
  • Verify Static VTI Point-to- Point Tunnels
  • Configure Dynamic VTI Point-to- Point Tunnels
  • Verify Dynamic VTI Point-to- Point Tunnels
  • Lab
  • Overview of Cisco IOS DMVPN
  • DMVPN Solution Components
  • GRE
  • NHRP
  • DMVPN Operations
  • Types of Authentication
  • Configure DMVPN on Hub
  • Configure DMVPN on Spoke
  • Configure Routing in DMVPN
  • Verify DMVPN

Module 3: Deploying Cisco IOS Site-to- Site FlexVPN Solutions

  • FlexVPN Overview
  • Public Key Infrastructure (PKI)
  • Site-to- Site VPN Topologies
  • FlexVPN Architecture
  • FlexVPN Configuration Overview
  • FlexVPN Capabilities
  • IKEv2 vs. IKEv1 Overview
  • IKEv2 Message Exchange
  • IKEv2 DoS Prevention
  • IKEv1 and IKEv2 Comparison
  • FlexVPN Use Cases
  • Point-to- Point FlexVPN
  • lexVPN Configuration Blocks
  • IKEv2 Profile
  • Smart Defaults
  • Manipulating Default Values
  • Negotiating IKEv2 Proposals
  • Point-to- Point VPN Scenario with IPv4 Static Routes
  • Configure and Verify Point-to- Point VPN with IPv4 Static Routes
  • Point-to- Point VPN Scenario with OSPFv3
  • Configure and Verify Point-to- Point VPN with OSPFv3
  • Enroll Devices to ECDSA PKI
  • Configure Router for ECDSA
  • Configure ASA for ECDSA
  • Verify EC Key Pairs and Certificates
  • Verify IKEv2 SA
  • Verify IPsec SA
  • Verify Point-to- Point FlexVPN (just flowchart and important show/debug command output)
  • Lab 3-1: Implement Site-to- Site Secure Connectivity Using Cisco IOS FlexVPNCisco IOS FlexVPN
  • IKEv2 Configuration Payload
  • Locally Managed Hub-and- Spoke Scenario
  • Configure a Spoke in a Hub-and- Spoke Scenario
  • Configure a Hub in a Hub-and- Spoke Scenario
  • Configuration Exchange
  • Verify and Troubleshoot Hub-and- Spoke FlexVPN
  • Lab 3-2: Implement Hub-to- Spoke Secure Connectivity Using Cisco IOS Flex VPN
  • Spoke-to- Spoke Shortcut Scenario
  • NHRP in FlexVPN
  • Configure and Verify a Spoke in a Spoke-to- Spoke Shortcut Scenario
  • Configure and Verify a Hub in a Spoke-to- Spoke Shortcut Scenario
  • RADIUS-Managed FlexVPN Scenario
  • Verify Spoke-to- Spoke Shortcut Switching
  • Troubleshoot Spoke-to- Spoke Shortcut Switching (just flowchart and important show/debug command output)
  • Lab 3-3: Implement Spoke-to- Spoke Secure Connectivity Using Cisco IOS Flex VPN

Module 4: Deploying SSL VPNs

  • SSL VPN Components
  • SSL/TLS
  • Overview of group policies and connection profiles
  • Basic Cisco Clientless SSL VPN
  • Solution Components
  • Configure ASA gateway
  • Configure basic authentication
  • Configure access control (including URL entry and bookmarks)
  • Verify basic clientless SSL VPN
  • Troubleshoot basic clientless SSL VPN
  • LAB
  • Configure and verify plugins
  • Configure and verify smart tunnels
  • Troubleshoot plugins and smart tunnel
  • LAB
  • Advanced Authentication in Cisco Clientless SSL VPN Solution Components
  • Configure and verify Certificate based Authentication
  • Configure and Verify External Authentication
  • Troubleshoot Advanced Authentication in Clientless SSL VPN
  • LAB

Module 5: Deploying Cisco AnyConnect VPNs

  • IP Address assignment
  • Split Tunneling
  • Basic Cisco AnyConnect SSL VPN
  • Solution Components
  • SSL VPN Server Authentication
  • SSL VPN Clients Authentication
  • SSL VPN Clients IP Address Assignment
  • SSL VPN Split Tunneling
  • Configure ASA for Basic AnyConnect SSL VPN
  • Configure Basic Cisco Authentication
  • Configure Access Control
  • Verify and Troubleshoot Basic Cisco AnyConnect SSL VPN
  • LAB
  • DTLS Overview
  • Parallel DTLS and TLS Tunnels
  • Configure DTLS
  • Verify DTLS
  • Cisco AnyConnect Client Configuration Management
  • Cisco AnyConnect Client Operating System Integration Options
  • Cisco AnyConnect Start Before Logon
  • Cisco AnyConnect Trusted Network Detection
  • Configure, Verify, and Troubleshoot Cisco AnyConnect Start Before
  • Logon and Cisco AnyConnect Trusted Network Detection
  • LAB
  • Configure a Cisco AnyConnect IPsec/IKEv2 VPNs on a Cisco ASA Adaptive Security Appliance
  • Verify and Troubleshoot Cisco AnyConnect IPsec/IKEv2 VPNs on Cisco ASA
  • LAB
  • External Authentication
  • Certificate-Based Server Authentication
  • Configure and Verify Certificate-Based Client Authentication
  • SCEP Proxy Overview
  • SCEP Proxy Connection Flow
  • SCEP Proxy Configuration Procedure
  • Configure SCEP Proxy
  • Verify SCEP Proxy
  • Local Authorization Overview
  • Local Authorization Scenario
  • Local Authorization Configuration Procedure
  • Configure Local Authorization
  • External Authentication and Authorization Scenario
  • Configure External Authentication and Authorization
  • Troubleshoot Advanced Authentication and Authorization in Cisco AnyConnect VPNs
  • Accounting
  • LAB

Module 6: Endpoint Security and Dynamic Access Policies

  • Cisco HostScan Overview
  • Cisco HostScan Prelogin Assessment
  • Install Cisco HostScan
  • Configure Prelogin Criteria and Prelogin Policy
  • Configure Host Scan Endpoint Assessment
  • Configure Host Scan Advanced Endpoint Assessment
  • DAP Overview
  • Integrating DAP with Host Scan
  • Configuring DAP
  • Verifying and Troubleshooting DAP
  • LAB

Prerequisites

  • Cisco Certified Network Associate (CCNA®) certification
  • Cisco Certified Network Associate (CCNA®) Security certification
  • Knowledge of Microsoft Windows operating system

Target Audience

  • Network Security Engineers

Delegates Will Learn How To

  • Define the various VPN technologies, deployments, cryptographic algorithms and protocols that provide VPN security.
  • Implement and maintain Cisco site-to- site VPN solutions.
  • Implement and maintain Cisco FlexVPN in point-to- point, hub-and- spoke, and spoke-to- spoke IPsec VPNs.
  • Implement and maintain Cisco clientless SSL VPNs.
  • Implement and maintain Cisco AnyConnect SSL and IPsec VPNs.
  • Implement and maintain endpoint security and dynamic access policies (DAP)

Training Solutions at Your Convenience

Our objective has always been to address and resolve the problems of our learners in an efficient manner and improve their learning prospects. We are accustomed in providing training courses as per our learner’s convenience. We love every opportunity to use our experience to resolve difficulties confronted by learners.

Implementing Cisco Secure Mobility Solutions Training Calender

Filters

arrow

Implementing Cisco Secure Mobility Solutions

Contact Us for Date and Price

Enquire Nowup-arrow

---- OR ----

Reach Us at +44 161 884 3134 or info@bestpracticetraining.com for more information.

Implementing Cisco Secure Mobility Solutions

Contact us for Date and Price

Enquire up-arrow

---- OR ----

Reach Us at +44 161 884 3134 or info@bestpracticetraining.com for more information.

Implementing Cisco Secure Mobility Solutions

Contact us for Date and Price

Enquire up-arrow

---- OR ----

Reach Us at +44 161 884 3134 or info@bestpracticetraining.com for more information.

ONSITE ENQUIRY?

Fill up the form below and we will get back to you!

name name-red
email email-red
phone-call phonecall-red
house house-red
book book-red
position position-red
house house-red
comment comment-red
conference

Video Conferencing

We provide the best web conferencing platform(s) to facilitate our learners to enhance their communication with the instructor.

whiteboard

Digital Whiteboards

Our courses include the real-time demonstration of figures, diagrams and other interactive material through digital whiteboards.

messaging

Instant Messaging

During the Virtual Classroom session, learners can raise their queries through instant messaging and follow up on their doubts.

control

Participation Controls

Through participating effectively in training, individuals can easily discuss their views, mute their surroundings and virtually "raise" their hands.

Features of Our Virtual Classroom Courses

future

How to Choose and Attend Your Ideal Course?

FIND COURSES

We provide 400+ courses covering broader aspects of personal and professional development training needed by any individual. You can choose any course as per your need or requirement. Our courses are designed to fulfil the current organisational and job marketplace requirements.

search}

Select the Course

Choose the course you want to attend to fulfil your desired goals.

details}

Attend the Course

Attend the training with your prefered method at your convenience.

book}

Get Certification

Upon finishing the course, you will get the completion certificate validating your learning.

Implementing Cisco Secure Mobility Solutions

Benefits of Attending Our Online Courses

We provide a variety of certification programmes or courses for individuals to master a skill set and pursue a full-time career in management, IT, or other domains through the online method to provide them with the convenience of learning. Our dedicated staff works tirelessly to assure the availability of courses with eminence quality that's not found anywhere with benefits like:

skilled

Get Tailored Programmes

affordable

Quick Delivery

flexible

Scalability and Consistency

access

90 Days Access

Learn a New Skill From Onsite Training

Adaptable Courses

We provide onsite courses modified according to our client's organisational needs.

Cost-Effective Learning

Onsite training helps you to reduce travelling and venue expenses.

Learn in Familiar Surroundings

Training at your convenient place can be ideal for learning new skills.

Team Building Opportunity

Attending onsite training with your team can help to improve your team dynamics tremendously.

name

name name-red
phone-call phonecall-red
email email-red
email email-red
comment comment-red
up-arrow
LOADING