1528 Courses in Cardiff delivered Live Online

Duration 3 Days 18 CPD hours This course is intended for Field engineers Network engineers Network administrators System engineers Overview After taking this course, you should be able to: Describe Cisco SD-Access architecture and its components Explain Cisco DNA Center deployment models, scaling, and high availability Identify Cisco SD-Access fabric protocols and node roles Understand the Cisco SD-Access Wireless deployment models Automate Day 0 device onboarding with Cisco DNA Center LAN Automation and Network PnP Deploy simple Cisco SD-Access fabric networks Monitor health and performance of the network with Cisco DNA Center Assurance Interact with the Cisco DNA Center Platform Intent APIs The Understanding Cisco SDA Fundamentals (SDAFND) v1.0 course introduces you to Cisco© Software-Defined Access and teaches you, through a combination of lectures and labs, how to implement simple, single-site fabric networks.You will learn the benefits of leveraging Software-Defined Access in the Cisco-powered Enterprise Campus network. SDAFNDwill introduce the solution, its architecture and components, and guide you through labs to design and deploy simple Cisco SD-Access networks. Course Outline Introducing Cisco SD-Access Introducing Cisco DNA Center Exploring Cisco SD-Access Solution Components Exploring Cisco SD-Access Wireless Architecture Automating Network Changes with Cisco DNA Center Deploying Fabric Networks with Cisco DNA Center Exploring Cisco DNA Center Assurance Exploring Cisco DNA Center Programmability

Duration 5 Days 30 CPD hours This course is intended for Channel partners and resellers Network administrators Network engineers Sales engineers System engineers Technical architects Technical support personnel Overview After taking this course, you should be able to: Identify the Cisco Digital Network Architecture solution by describing the vision, strategy, general concepts, and components. Describe the Cisco DNA Center design application, hierarchical network design, and basic network settings, and describe the integration of Cisco DNA Center with Cisco Identity Services Engine (Cisco ISE) for Automation and Assurance. Describe the Cisco DNA Center Inventory and the available mechanisms for discovering and adding network devices, and explore the device compatibility with Cisco DNA Center and SD-Access. Describe the Cisco DNA Center automation features such as configuration templates, software image maintenance, and Plug and Play (PnP) device onboarding. Explore the Cisco DNA Center user interface, the available workflows for onboarding devices, and how to design and manage a network. Introduce Cisco SD-Access, describe the different node types in the fabric and the two-level segmentation provided by the solution, and take a deep dive into the control and data plane protocols used in Cisco SD-Access. Describe the Cisco DNA Center workflow for deploying Cisco SD-Access, defining all the prerequisite network settings and profiles, defining the required policies, creating fabric domains and sites, and provisioning fabric nodes. Create and manage fabric domains and sites, provision fabric devices, and onboard your endpoints in a single site or distributed fabric campus network. Describe the features available for automating and monitoring wireless networks with Cisco DNA Center, and describe the available deployment models with their benefits and limitations, such as wireless Over-the-Top (OTT) and SD-Access Wireless. Describe the Cisco SD-Access Extension for IoT solution, its architecture and components, and the benefits and limitations of the solution Describe the use cases and migration scenarios for migrating users from traditional campus to SD The Transforming to a Cisco Intent-Based Network (IBNTRN) v1.1 course teaches you how the functionality of Cisco© SD-Access fits into Cisco Digital Network Architecture (Cisco DNA?). Through a combination of lessons and hands-on learning, you will practice operating, managing, and integrating Cisco DNA Center, programmable network infrastructure, and Cisco SD-Access fundamentals. You will learn how Cisco delivers intent-based networking across the campus, branch, WAN, and extended enterprise and ensures that your network is operating as intended. Course Outline Introducing Cisco DNA Architecture Cisco DNA Center Design Cisco DNA Center Inventory Cisco DNA Center Automation Explore Cisco DNA Center and Automating Network Changes Introducing Cisco Software-Defined Access Deploying Cisco Software-Defined Access Deploy Wired Fabric Networks with Cisco DNA Center Cisco SD-Access for Wireless Cisco SD-Access Extension for IoT Deploy Brownfield and Fabric Wireless Network with Cisco DNA Center Migrating to Cisco SD-Access Cisco SD-Access Multicast Integrating Cisco DNA Center Deploy SD-Access Layer 2 Borders and Multicast and Integrate Cisco DNA Center with External Services or Applications Understanding Programmable Network Infrastructure Operating and Managing Cisco DNA Infrastructure Test Drive Cisco DNA Center APIs

Duration 5 Days 30 CPD hours This course is intended for Network security engineers ISE administrators Wireless network security engineers Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages. Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services. Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization. Describe third-party Network Access Devices (NADs), Cisco TrustSec, and Easy Connect. Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios. Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment. Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution. Describe the value of the My Devices portal and how to configure this portal. Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE. Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the Authentication, Authentication, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols. Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool. Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 is a Cisco ISE training program that discusses the Cisco Identity Services Engine, an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device onboarding, and guest management, into a single context-aware identity-based platform. This CCNA course provides students with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints as well as enhance infrastructure security using the Cisco ISE. Introducing Cisco ISE Architecture and Deployment Using Cisco ISE as a Network Access Policy Engine Cisco ISE Use Cases Describing Cisco ISE Functions Cisco ISE Deployment Models Context Visibility Cisco ISE Policy Enforcement Using 802.1X for Wired and Wireless Access Using MAC Authentication Bypass for Wired and Wireless Access Introducing Identity Management Configuring Certificate Services Introducing Cisco ISE Policy Implementing Third-Party Network Access Device Support Introducing Cisco TrustSec Cisco TrustSec Configuration Easy Connect Web Authentication and Guest Services Introducing Web Access with Cisco ISE Introducing Guest Access Components Configuring Guest Access Settings Configuring Sponsor and Guest Portals Cisco ISE Profiler Introducing Cisco ISE Profiler Profiling Deployment and Best Practices Cisco ISE BYOD Introducing the Cisco ISE BYOD Process Describing BYOD Flow Configuring the My Devices Portal Configuring Certificates in BYOD Scenarios Cisco ISE Endpoint Compliance Services Introducing Endpoint Compliance Services Configuring Client Posture Services and Provisioning in Cisco ISE Working with Network Access Devices Review TACACS+ Cisco ISE TACACS+ Device Administration Configure TACACS+ Device Administration TACACS+ Device Administration Guidelines and Best Practices Migrating from Cisco ACS to Cisco ISE Lab outline Access the SISE Lab and Install ISE 2.4 Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage Integrate Cisco ISE with Active Directory Configure Basic Policy on Cisco ISE Configure Policy Sets Configure Access Policy for Easy Connect Configure Guest Access Configure Guest Access Operations Create Guest Reports Configure Profiling Customize the Cisco ISE Profiling Configuration Create Cisco ISE Profiling Reports Configure BYOD Blacklisting a Device Configure Cisco ISE Compliance Services Configure Client Provisioning Configure Posture Policies Test and Monitor Compliance-Based Access Test Compliance Policy Configure Cisco ISE for Basic Device Administration Configure TACACS+ Command Authorization

Duration 3 Days 18 CPD hours This course is intended for Field engineers Network engineers Network administrators System engineers Overview After taking this course, you should be able to: Describe Cisco SD-Access architecture and its components Explain Cisco DNA Center deployment models, scaling, and high availability Identify Cisco SD-Access fabric protocols and node roles Understand the Cisco SD-Access Wireless deployment models Automate Day 0 device onboarding with Cisco DNA Center LAN Automation and Network PnP Deploy simple Cisco SD-Access fabric networks Monitor health and performance of the network with Cisco DNA Center Assurance Interact with the Cisco DNA Center Platform Intent APIs The Understanding Cisco SDA Fundamentals (SDAFND) v1.0 course introduces you to Cisco© Software-Defined Access and teaches you, through a combination of lectures and labs, how to implement simple, single-site fabric networks.You will learn the benefits of leveraging Software-Defined Access in the Cisco-powered Enterprise Campus network. SDAFND will introduce the solution, its architecture and components, and guide you through labs to design and deploy simple Cisco SD-Access networks.This course will help you Deploy Cisco SD-Access networks. Explain Cisco Software-Designed Access. Operate, manage, and integrate Cisco DNA Center?Prepare for various Cisco certifications Cisco Certified Specialist ? Enterprise Core (ENCOR), and Cisco Certified Specialist ? Enterprise Design (ENSLD) Course Outline Introducing Cisco SD-Access Introducing Cisco DNA Center Exploring Cisco SD-Access Solution Components Exploring Cisco SD-Access Wireless Architecture Automating Network Changes with Cisco DNA Center Deploying Fabric Networks with Cisco DNA Center Exploring Cisco DNA Center Assurance Exploring Cisco DNA Center Programmability Additional course details: Nexus Humans Understanding Cisco SDA Fundamentals (SDAFND) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Understanding Cisco SDA Fundamentals (SDAFND) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Network security engineers ISE administrators Wireless network security engineers Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages. Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services. Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization. Describe third-party Network Access Devices (NADs), Cisco TrustSec, and Easy Connect. Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios. Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment. Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution. Describe the value of the My Devices portal and how to configure this portal. Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE. Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the Authentication, Authentication, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols. Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool. The Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 course shows you how to deploy and use Cisco© Identity Services Engine (ISE) v2.4, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and use Cisco ISE, including policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and TACACS+ device administration. Through expert instruction and hands-on practice, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency. This course helps you prepare to take the exam, Implementing and Configuring Cisco Identity Services Engine (300-715 SISE), which leads to CCNP© Security and the Cisco Certified Specialist - Security Identity Management Implementation certifications. Introducing Cisco ISE Architecture and Deployment Using Cisco ISE as a Network Access Policy Engine Cisco ISE Use Cases Describing Cisco ISE Functions Cisco ISE Deployment Models Context Visibility Cisco ISE Policy Enforcement Using 802.1X for Wired and Wireless Access Using MAC Authentication Bypass for Wired and Wireless Access Introducing Identity Management Configuring Certificate Services Introducing Cisco ISE Policy Implementing Third-Party Network Access Device Support Introducing Cisco TrustSec Cisco TrustSec Configuration Easy Connect Web Authentication and Guest Services Introducing Web Access with Cisco ISE Introducing Guest Access Components Configuring Guest Access Settings Configuring Sponsor and Guest Portals Cisco ISE Profiler Introducing Cisco ISE Profiler Profiling Deployment and Best Practices Cisco ISE BYOD Introducing the Cisco ISE BYOD Process Describing BYOD Flow Configuring the My Devices Portal Configuring Certificates in BYOD Scenarios Cisco ISE Endpoint Compliance Services Introducing Endpoint Compliance Services Configuring Client Posture Services and Provisioning in Cisco ISE Working with Network Access Devices Review TACACS+ Cisco ISE TACACS+ Device Administration Configure TACACS+ Device Administration TACACS+ Device Administration Guidelines and Best Practices Migrating from Cisco ACS to Cisco ISE Lab outline Access the SISE Lab and Install ISE 2.4 Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage Integrate Cisco ISE with Active Directory Configure Basic Policy on Cisco ISE Configure Policy Sets Configure Access Policy for Easy Connect Configure Guest Access Configure Guest Access Operations Create Guest Reports Configure Profiling Customize the Cisco ISE Profiling Configuration Create Cisco ISE Profiling Reports Configure BYOD Blacklisting a Device Configure Cisco ISE Compliance Services Configure Client Provisioning Configure Posture Policies Test and Monitor Compliance-Based Access Test Compliance Policy Configure Cisco ISE for Basic Device Administration Configure TACACS+ Command Authorization Additional course details: Nexus Humans Cisco Implementing and Configuring Cisco Identity Services Engine v3.0 (SISE) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Implementing and Configuring Cisco Identity Services Engine v3.0 (SISE) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Security engineer Network engineer Network designer Network administrator Systems engineer Consulting systems engineer Technical solutions architect Network manager Cisco integrators and partners Overview After taking this course, you should be able to: Describe information security concepts and strategies within the network Describe common TCP/IP, network application, and endpoint attacks Describe how various network security technologies work together to guard against attacks Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance Describe and implement web content security features and functions provided by Cisco Web Security Appliance Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console Introduce VPNs and describe cryptography solutions and algorithms Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco Internetwork Operating System (Cisco IOS) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW) Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features Examine various defenses on Cisco devices that protect the control and management plane Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions Describe basics of cloud computing and common cloud attacks and how to secure cloud environment The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco© CCNP© Security and CCIE© Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower© Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch© Enterprise and Cisco Stealthwatch Cloud threat detection features. This course, including the self-paced material, helps prepare you to take the exam, Implementing and Operating Cisco Security Core Technologies (350-701 SCOR), which leads to the new CCNP Security, CCIE Security, and the Cisco Certified Specialist - Security Core certifications. Describing Information Security Concepts* Information Security Overview Assets, Vulnerabilities, and Countermeasures Managing Risk Vulnerability Assessment Understanding Common Vulnerability Scoring System (CVSS) Describing Common TCP/IP Attacks* Legacy TCP/IP Vulnerabilities IP Vulnerabilities Internet Control Message Protocol (ICMP) Vulnerabilities TCP Vulnerabilities User Datagram Protocol (UDP) Vulnerabilities Attack Surface and Attack Vectors Reconnaissance Attacks Access Attacks Man-in-the-Middle Attacks Denial of Service and Distributed Denial of Service Attacks Reflection and Amplification Attacks Spoofing Attacks Dynamic Host Configuration Protocol (DHCP) Attacks Describing Common Network Application Attacks* Password Attacks Domain Name System (DNS)-Based Attacks DNS Tunneling Web-Based Attacks HTTP 302 Cushioning Command Injections SQL Injections Cross-Site Scripting and Request Forgery Email-Based Attacks Describing Common Endpoint Attacks* Buffer Overflow Malware Reconnaissance Attack Gaining Access and Control Gaining Access via Social Engineering Gaining Access via Web-Based Attacks Exploit Kits and Rootkits Privilege Escalation Post-Exploitation Phase Angler Exploit Kit Describing Network Security Technologies Defense-in-Depth Strategy Defending Across the Attack Continuum Network Segmentation and Virtualization Overview Stateful Firewall Overview Security Intelligence Overview Threat Information Standardization Network-Based Malware Protection Overview Intrusion Prevention System (IPS) Overview Next Generation Firewall Overview Email Content Security Overview Web Content Security Overview Threat Analytic Systems Overview DNS Security Overview Authentication, Authorization, and Accounting Overview Identity and Access Management Overview Virtual Private Network Technology Overview Network Security Device Form Factors Overview Deploying Cisco ASA Firewall Cisco ASA Deployment Types Cisco ASA Interface Security Levels Cisco ASA Objects and Object Groups Network Address Translation Cisco ASA Interface Access Control Lists (ACLs) Cisco ASA Global ACLs Cisco ASA Advanced Access Policies Cisco ASA High Availability Overview Deploying Cisco Firepower Next-Generation Firewall Cisco Firepower NGFW Deployments Cisco Firepower NGFW Packet Processing and Policies Cisco Firepower NGFW Objects Cisco Firepower NGFW Network Address Translation (NAT) Cisco Firepower NGFW Prefilter Policies Cisco Firepower NGFW Access Control Policies Cisco Firepower NGFW Security Intelligence Cisco Firepower NGFW Discovery Policies Cisco Firepower NGFW IPS Policies Cisco Firepower NGFW Malware and File Policies Deploying Email Content Security Cisco Email Content Security Overview Simple Mail Transfer Protocol (SMTP) Overview Email Pipeline Overview Public and Private Listeners Host Access Table Overview Recipient Access Table Overview Mail Policies Overview Protection Against Spam and Graymail Anti-virus and Anti-malware Protection Outbreak Filters Content Filters Data Loss Prevention Email Encryption Deploying Web Content Security Cisco Web Security Appliance (WSA) Overview Deployment Options Network Users Authentication Secure HTTP (HTTPS) Traffic Decryption Access Policies and Identification Profiles Acceptable Use Controls Settings Anti-Malware Protection Deploying Cisco Umbrella* Cisco Umbrella Architecture Deploying Cisco Umbrella Cisco Umbrella Roaming Client Managing Cisco Umbrella Cisco Umbrella Investigate Overview and Concepts Explaining VPN Technologies and Cryptography VPN Definition VPN Types Secure Communication and Cryptographic Services Keys in Cryptography Public Key Infrastructure Introducing Cisco Secure Site-to-Site VPN Solutions Site-to-Site VPN Topologies IPsec VPN Overview IPsec Static Crypto Maps IPsec Static Virtual Tunnel Interface Dynamic Multipoint VPN Cisco IOS FlexVPN Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs Cisco IOS VTIs Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2 VPN Configuration Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW Cisco ASA Point-to-Point VPN Configuration Cisco Firepower NGFW Point-to-Point VPN Configuration Introducing Cisco Secure Remote Access VPN Solutions Remote Access VPN Components Remote Access VPN Technologies Secure Sockets Layer (SSL) Overview Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW Remote Access Configuration Concepts Connection Profiles Group Policies Cisco ASA Remote Access VPN Configuration Cisco Firepower NGFW Remote Access VPN Configuration Explaining Cisco Secure Network Access Solutions Cisco Secure Network Access Cisco Secure Network Access Components AAA Role in Cisco Secure Network Access Solution Cisco Identity Services Engine Cisco TrustSec Describing 802.1X Authentication 802.1X and Extensible Authentication Protocol (EAP) EAP Methods Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications RADIUS Change of Authorization Configuring 802.1X Authentication Cisco Catalyst© Switch 802.1X Configuration Cisco Wireless LAN Controller (WLC) 802.1X Configuration Cisco Identity Services Engine (ISE) 802.1X Configuration Supplicant 802.1x Configuration Cisco Central Web Authentication Describing Endpoint Security Technologies* Host-Based Personal Firewall Host-Based Anti-Virus Host-Based Intrusion Prevention System Application Whitelists and Blacklists Host-Based Malware Protection Sandboxing Overview File Integrity Checking Deploying Cisco Advanced Malware Protection (AMP) for Endpoints* Cisco AMP for Endpoints Architecture Cisco AMP for Endpoints Engines Retrospective Security with Cisco AMP Cisco AMP Device and File Trajectory Managing Cisco AMP for Endpoints Introducing Network Infrastructure Protection* Identifying Network Device Planes Control Plane Security Controls Management Plane Security Controls Network Telemetry Layer 2 Data Plane Security Controls Layer 3 Data Plane Security Controls Deploying Control Plane Security Controls* Infrastructure ACLs Control Plane Policing Control Plane Protection Routing Protocol Security Deploying Layer 2 Data Plane Security Controls* Overview of Layer 2 Data Plane Security Controls Virtual LAN (VLAN)-Based Attacks Mitigation Sp

Duration 5 Days 30 CPD hours This course is intended for Students who need to know how to implement and manage Cisco ASA 5500-X. Overview Upon successful completion of this course, students should be able to do the following:? Technology and features of the Cisco ASA? Cisco ASA product family? How ASAs protect network devices from attacks? Bootstrap the security appliance? Prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM)? Launch and navigate ASDM? Essential security appliance configuration using ASDM and the command-line interface (CLI)? Configure dynamic and static address translations? Configure access policy based on ACLs? Use object groups to simplify ACL complexity and maintenance? Use the Modular Policy Framework to provide unique policies to specific data flows? Handle advanced protocols with application inspection? Troubleshoot with syslog and tcp ping? Configure the ASA to work with Cisco Secure ACS 5.2 for RADIUS-based AAA of VPNs? Implement site-to-site IPsec VPN? Implement remote access IPsec and SSL VPNs using the Cisco AnyConnect 3.0 Secure Mobility Client? Work with the 5.x Legacy Cisco IPsec VPN client and Anyconnect VPN client? Deploy clientless SSL VPN access, including smart tunnels, plug-ins, and web-type ACLs? Configure access control policies to implement your security policy across all classes of VPN? Configure Active/Standby failover for both firewall and VPN high availability Student will gain the essential skills required to configure, maintain, and operate Cisco ASA 5500-X Series Adaptive Security Appliances based on ASA Software v9.x. Cisco ASA Essentials ? Lesson 1: Evaluating Cisco ASA Technologies ? Lesson 2: Identifying Cisco ASA Families Basic Connectivity and Device Management ? Lesson 1: Preparing the Cisco ASA for Network Integration ? Lesson 2: Managing Basic Cisco ASA Network Settings ? Lesson 3: Configuring Cisco ASA Device Management Features Network Integration ? Lesson 1: Configuring Cisco ASA NAT Features ? Lesson 2: Configuring Cisco ASA Basic Access Control Features Cisco ASA Policy Control ? Lesson 1: Cisco ASA Modular Policy Framework ? Lesson 2: Configuring Cisco ASA Connection Policy Cisco ASA VPN Architecture and Common Components ? Lesson 1: Implementing Profiles, Group Policies, and User Policies ? Lesson 2: Implementing PKI Services Cisco ASA Clientless Remote Access SSL VPN Solutions ? Lesson 1: Deploying Basic Clientless VPN Solutions ? Lesson 2: Deploying Advanced Application Access for Clientless SSL VPNs Cisco AnyConnect Remote Access SSL Solutions ? Lesson 1: Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution Cisco ASA Remote Access IPsec VPNs ? Lesson 1: Deploying Cisco Remote Access VPN Clients ? Lesson 2: Deploying Basic Cisco Remote Access IPsec VPN Solutions Cisco ASA Site-to-Site IPsec VPN Solutions ? Lesson 1: Deploying Basic Site-to-Site IPsec VPNs ? Lesson 2: Deploying Advanced Site-to-Site IPsec VPNs Cisco ASA High Availability and Virtualization ? Lesson 1: Configuring Cisco ASA Active/Standby High Availability Labs Lab 1: Prepare the ASA for Administration Lab 2: Fundamental ASA Configuration Lab 3: Network Address Translation (NAT) Lab 4: Basic Access Control Lab 5: Basic Protocol Inspection Lab 6: Licensing, ACS, and Public CA Lab 7: Basic Clientless SSL VPN Lab 8: Clientless SSL VPN - Thin Apps Lab 9: Basic AnyConnect Full Tunnel SSL VPN Lab 10: Remote Access IPSec VPN Lab 11: IPSec Site-to-Site VPN Lab 12: Active/Standby Failover

Duration 5 Days 30 CPD hours This course is intended for Tier 1 system administrators, and integrators responsible for managing and maintaining VMware Horizon Infrastructure. Overview By the end of the course, you should be able to meet the following objectives: Describe the installation, architecture, and requirements of Horizon Connection Server Describe the authentication and certificate options for a VMware Horizon environment Recognize the integration process and benefits of Workspace ONE Access and VMware Horizon Compare the remote display protocols that are available in VMware Horizon Describe the 3D rendering options available in VMware Horizon Discuss the scalability options available in VMware Horizon Describe the different security options for VMware Horizon environments Discuss the advanced configurations of Horizon Connection Server List the troubleshooting techniques for common Horizon Connection Server issues Interpret the Horizon Connection Server logs Identify Unified Access Gateway configuration and certificate issues List the troubleshooting steps for common Unified Access Gateway common issues Describe Blast configuration verification using logs and settings Describe the Blast optimization recommendations for different use cases Describe VMware Horizon connections and how to troubleshoot related problems Describe VMware Horizon certificates List the troubleshooting steps for common VMware Horizon certificates issues Describe Cloud Pod Architecture troubleshooting scenarios Identify and fix problems in a VMware Horizon environment VMware Horizon 8: Infrastructure Administrator and Troubleshooting is a five-day combination course of VMware Horizon 8: Infrastructure Administration & VMware Horizon 8: Infrastructure Troubleshooting. This training collection gives you the skills to install and configure a virtual desktop infrastructure platform. This course builds your skills in installing and configuring VMware Horizon© through a combination of lecture and hands-on labs. You learn how to install and configure VMware Horizon© Connection Server?, VMware Unified Access Gateway?, how to configure a load balancer for use with Horizon, and how to establish Cloud Pod Architecture. Also, this course provides you with the advanced knowledge, skills, and abilities to troubleshoot VMware Horizon 8 infrastructure. This workshop teaches the required skill and competence for troubleshooting Horizon Connection Server, Unified Access Gateway, protocols, connections, and certificates. This course provides a challenge lab designed to present participants with infrastructure issues that may arise in actual Horizon environments. The lab objective is to put into practice the contents covered during the training to create a working environment. Course Introduction Introductions and course logistics Course objectives Horizon Connection Server Recognize VMware Horizon reference architecture Identify the supported features of Horizon Connection Server Identify the recommended system requirements for Horizon Connection Server Configure the VMware Horizon event database Outline the steps for the initial configuration of Horizon Connection Server Discuss the AD Lightweight Directory Service (LDS) database as a critical component of Horizon Connection Server installation Authentication and Certificates Compare the authentication options that Horizon Connection Server supports Describe the smart card authentication options that Horizon Connection Server supports Outline the steps to create a VMware Horizon administrator and custom roles Describe the roles available in a VMware Horizon environment Explain the role that certificates play for Horizon Connection Server Install and configure certificates for Horizon Connection Server Install and configure True SSO in a VMware Horizon environment Workspace ONE Access and Virtual Application Management Recognize the features and benefits of Workspace ONE Access Describe the features of the Workspace ONE Access console Explain identity management in Workspace ONE Access Explain access management in Workspace ONE Access Describe the Workspace ONE Access directory integration Deploy virtual applications with Workspace ONE services Horizon Protocols Compare the remote display protocols that are available in VMware Horizon Describe Blast Describe the Blast display protocol codecs Summarize the Blast codec options List the ideal applications for each Blast codec Describe Blast and PCoIP ADMX GPO common configurations Graphics Cards Describe the 3D rendering options available in Vmware Horizon Compare vSGA and vDGA List the steps to configure graphics cards for use in a VMware Horizon environment Horizon Scalability Describe the purpose of a replica connection server Explain how multiple Horizon Connection Server instances in a pod maintain synchronization List the steps to configure graphics cards for use in a VMware Horizon environment Configure a load balancer for use in a VMware Horizon environment Explain Horizon Cloud Pod Architecture LDAP replication and VIPA Explain Horizon Cloud Pod Architecture scalability options Horizon Security Explain concepts relevant to secure VMware Horizon connections Describe how to restrict VMware Horizon connections Discuss the benefits of using Unified Access Gateway List the two-factor authentication options that are supported by Unified Access Gateway List the Unified Access Gateway firewall rules Describe the situations in which you might deploy Unified Access Gateway instances with one, two, or three network interfaces Troubleshooting Horizon Connection Server Identify the general troubleshooting techniques for Horizon Connection Server Explain how to use logs to identify common Horizon Connection Server problems Describe AD LDS replication Discuss common Horizon Connection Server replication issues Explain how to interpret Horizon Connection Server logs Compare successful and unsuccessful logs from common infrastructure administration tasks Troubleshooting Unified Access Gateway Identify common Unified Access Gateway deployment issues Explain how to monitor the health of a Unified Access Gateway deployment Identify and troubleshoot Unified Access Gateway certificate issues Explain how to monitor, test, and troubleshoot network errors using tcpdump and curl Detail the general Unified Access Gateway troubleshooting methods Blast Configuration Discuss Blast codecs and Encoder Switch settings Describe how to verify BLAST configuration using logs and settings Optimizing Blast List general Blast optimization recommendations Summarize Blast tuning recommendations that apply to WAN connections Summarize Blast tuning recommendations that apply to work-from-home and home-office-to-cloud use cases Describe the recommended tuning options to increase display protocol quality for all use cases and applications Troubleshooting VMware Horizon Connections Explain VMware Horizon connections Describe the role of primary and secondary protocols in VMware Horizon connections Describe HTML client access connections Describe Horizon Connections load balancing Describe timeout settings, supported health monitoring strings, and suitable load balancer persistence values Identify the troubleshooting steps for failing VMware Horizon load balancer connections List the steps for troubleshooting VMware Horizon connections Troubleshooting VMware Horizon Certificates List the functions of VMware Horizon certificates Describe VMware Horizon certificate scenarios Discuss potential challenges related to certificates in VMware Horizon Describe the troubleshooting approach to VMware Horizon certificates issues Cloud Pod Architecture Describe Cloud Pod Architecture troubleshooting scenarios Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Horizon 8: Infrastructure Administration and Troubleshooting training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Horizon 8: Infrastructure Administration and Troubleshooting course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Workspace ONE UEM operators and administrators, account managers, solutions architects, solutions engineers, sales engineers, and consultants. Overview By the end of the course, you should be able to meet the following objectives: Explain and apply the fundamental techniques for launching and maintaining an intelligence-driven, multiplatform endpoint management solution with Workspace ONE UEM Outline the components of Workspace ONE UEM Explain the general features and functionality enabled with Workspace ONE UEM Summarize basic Workspace ONE administrative functions Explain and deploy common Workspace ONE integrations Securely deploy configurations to Workspace ONE UEM managed devices Onboard device endpoints into Workspace ONE UEM Summarize alternative management methodologies for rugged devices Discuss strategies to maintain environment and device fleet health Configure and deploy applications to Workspace ONE UEM managed devices Analyze Workspace ONE UEM deployments Enable email access on devices Integrate Workspace ONE UEM with content repositories and corporate file shares Explain the general features and functionality that Workspace ONE Access enables Demonstrate how to integrate Workspace ONE UEM with Workspace ONE Access Summarize and implement Workspace ONE productivity services into the digital workspace environment Explain the methods of enabling mobile single sign-on for endpoints managed in the digital workspace Configure Workspace ONE Access to support SAML 2.0 for federated authentication across the workforce Summarize basic troubleshooting methodologies Outline common troubleshooting techniques in the Workspace ONE UEM console Outline common troubleshooting techniques when integrating enterprise solutions in the Workspace ONE UEM console Summarize common troubleshooting strategies for Workspace ONE UEM managed devices Outline common application management troubleshooting techniques in the Workspace ONE UEM console Summarize common troubleshooting techniques for email management in the Workspace ONE UEM console Explain common troubleshooting approaches for the VMware Unified Access Gateway™ platform and individual edge services Outline useful troubleshooting tools, such as the Self-Service Portal and VMware Workspace ONE Assist™ In this extended five-day course, you learn how to apply the fundamental techniques for launching and maintaining an intelligence-driven, multiplatform endpoint management solution with VMware Workspace ONE© UEM. Through a combination of hands-on labs, simulations, and interactive lectures, you will configure and manage the endpoint life cycle. After the course, you will have the foundational knowledge necessary to implement Workspace ONE UEM effectively.In addition, you learn how to apply the fundamental techniques for integrating VMware Workspace ONE© Access? with Workspace ONE UEM to distribute business-critical applications securely from any device and configure access management controls. You will learn how Workspace ONE uses various authentication methods and protocols to determine user access permissions and enable single sign-on, and you will leave with an understanding of the fundamental principles of identity and access management.Finally, you learn to investigate, analyze, and determine issues that might occur with the different components of Workspace ONE UEM. Troubleshooting is the backbone of service maintenance and management. By understanding how to effectively troubleshoot product issues, administrators can understand how product services communicate and function, in turn optimizing service and software health management. Course Introduction Introductions and course logistics Course objectives Online resources and references Platform Architecture Summarize the features and functionality of Workspace ONE UEM Outline the benefits of leveraging Workspace ONE UEM Recognize the core and productivity components that make up the Workspace ONE UEM platform Summarize high availability and disaster recovery for Workspace ONE Solution Administration Navigate and customize the Workspace ONE UEM console Summarize the hierarchical management structure Explain the features and functions of Workspace ONE Hub Services Outline account options and permissions Enterprise Integrations Outline the process and needs to integrate with directory services Explain certificate authentication and practical implementation with Workspace ONE Explain the benefits of integrating an email SMTP service into the Workspace ONE UEM console Describe VMware Dynamic Environment Manager? and its architecture Onboarding Outline the prerequisite configurations in the Workspace ONE UEM environment for onboarding devices for management Outline the steps for setting up autodiscovery in the Workspace ONE UEM console Enroll an endpoint through the VMware Workspace ONE© Intelligent Hub app Summarize platform onboarding options Managing Endpoints Explain the differences between device and user profiles Describe policy management options for Windows and macOS Describe the functions and benefits of using compliance policies Explain the use cases for Freestyle Orchestrator Describe the capabilities that sensors and scripts enable Alternative Management Methods Describe the function and benefits of device staging Configure product provisioning in the Workspace ONE UEM console Understand the benefits of deploying a VMware Workspace ONE© Launcher? configuration to Android devices List the system and device requirements for Linux device management in Workspace ONE UEM Applications Describe the features, benefits, and capabilities of application management in Workspace ONE UEM Understand and configure deployment settings for public, internal, and paid applications in the Workspace ONE UEM console Describe the benefits of using Apple Business Manager content integration Describe the benefits of using server-to-client software distribution List the functions and benefits of VMware Workspace ONE© SDK Device Email List the email clients supported by Workspace ONE UEM Configure an Exchange Active Sync profile in the Workspace ONE UEM console Configure VMware Workspace ONE© Boxer settings Summarize the available email infrastructure integration models and describe their workflows Configure email compliance policies and notifications services Content Sharing Describe the benefits of using Content Gateway and the Content Gateway workflows Describe the benefits of integrating content repositories with Workspace ONE UEM Configure a repository in the Workspace ONE UEM console Maintenance Manage endpoints from the Device List View and the Device Details View pages Analyze endpoint deployment and compliance data from the Monitor Overview page Workspace ONE Access Summarize the benefits of Workspace ONE Access Outline the core features and functions that Workspace ONE Access enables Navigate the Workspace ONE Access console Explain the functions of directory integration with Workspace ONE Access Explain the various types of authentication protocols enabled by Workspace ONE Access Integrating Workspace ONE UEM and Workspace ONE Access Explain the rationale for integrating Workspace ONE UEM and Workspace ONE Access Outline the process of connecting Workspace ONE UEM and Workspace ONE Access Explain the integrations workflow Summarize the key features of an integrated solution Productivity Integrations Identify the functions enabled by Unified Access Gateway Outline the purpose of the VMware AirWatch© Secure Email Gateway? edge service Explain the features enabled by the VMware Workspace ONE© Tunnel? edge service Summarize the capabilities enabled by the Content Gateway edge service SAML 2.0 Authentication Outline authentication methods supported by Workspace ONE Access Summarize the main properties of the SAML protocol Summarize the SAML authentication workflow Explain the application single sign-on authentication workflow with SAML Mobile Single Sign-On Describe the concept of mobile single sign-on Outline mobile single sign-on workflows Intelligence and Automation Summarize the features of VMware Workspace ONE© Intelligence? Outline the benefits of using Workspace ONE Intelligence Fundamentals of Troubleshooting Workspace ONE UEM Outline software troubleshooting logic and support methods Summarize the main process flows for the Workspace ONE UEM components Explain the importance of Workspace ONE UEM process flows for troubleshooting Identify different Workspace ONE UEM log files Workspace ONE UEM Console Troubleshooting Outline the best practices for troubleshooting Workspace ONE UEM console issues Identify common issues related to group management and assignment Outline common issues related to Workspace ONE UEM console roles and system settings Understand how analytic events can be used to identity platform errors Summarize the steps for collecting and analyzing Workspace ONE UEM console logs Integration Troubleshooting Outline the common enterprise integrations in Workspace ONE UEM Outline common troubleshooting techniques for the VMware AirWatch© Cloud Connector? Troubleshoot issues related to Directory Services integration Identify directory user and groups synchronization issues Troubleshoot issues related to certificate authority integration Explain Workspace ONE Access integration and Workspace ONE Intelligent Hub troubleshooting techniques Endpoint Troubleshooting Compare the endpoint connection topologies in Workspace ONE UEM Outline useful tools and resources for endpoint troubleshooting Summarize the best practices for device enrollment troubleshooting Explain device connectivity troubleshooting techniques Understand how to identify and resolve profile-related issues Identify common compliance policy issues and potential root causes Application Troubleshooting Explain the different scoping questions for troubleshooting applications Review application management configurations Summarize the general tools and resources for application troubleshooting Describe the general logic of troubleshooting public applications Understand internal application issues and potential causes Explain purchased application troubleshooting techniques Unified Access Gateway And Edge Services Troubleshooting Review Unified Access Gateway architecture and edge service workflows Understand Unified Access Gateway general configurations Explain how to utilize Unified Access Gateway related troubleshooting tools and resources Identify

Duration 5 Days 30 CPD hours This course is intended for Security administrators Security consultants Network administrators System engineers Technical support personnel Cisco integrators and partners Overview After taking this course, you should be able to: Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios Perform initial Cisco Firepower Threat Defense device configuration and setup tasks Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense Describe how to implement NAT by using Cisco Firepower Threat Defense Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services Describe the behavior, usage, and implementation procedure for access control policies Describe the concepts and procedures for implementing security intelligence features This course gives you knowledge and skills to use and configure Cisco© Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and Secure Sockets Layer (SSL) decryption before moving on to detailed analysis, system administration, and troubleshooting. Cisco Firepower Threat Defense Overview Examining Firewall and IPS Technology Firepower Threat Defense Features and Components Examining Firepower Platforms Examining Firepower Threat Defense Licensing Cisco Firepower Implementation Use Cases Cisco Firepower NGFW Device Configuration Firepower Threat Defense Device Registration FXOS and Firepower Device Manager Initial Device Setup Managing NGFW Devices Examining Firepower Management Center Policies Examining Objects Examining System Configuration and Health Monitoring Device Management Examining Firepower High Availability Configuring High Availability Cisco ASA to Firepower Migration Migrating from Cisco ASA to Firepower Threat Defense Cisco Firepower NGFW Traffic Control Firepower Threat Defense Packet Processing Implementing QoS Bypassing Traffic Cisco Firepower NGFW Address Translation NAT Basics Implementing NAT NAT Rule Examples Implementing NAT Cisco Firepower Discovery Examining Network Discovery Configuring Network Discovery Implementing Access Control Policies Examining Access Control Policies Examining Access Control Policy Rules and Default Action Implementing Further Inspection Examining Connection Events Access Control Policy Advanced Settings Access Control Policy Considerations Implementing an Access Control Policy Security Intelligence Examining Security Intelligence Examining Security Intelligence Objects Security Intelligence Deployment and Logging Implementing Security Intelligence File Control and Advanced Malware Protection Examining Malware and File Policy Examining Advanced Malware Protection Next-Generation Intrusion Prevention Systems Examining Intrusion Prevention and Snort Rules Examining Variables and Variable Sets Examining Intrusion Policies Site-to-Site VPN Examining IPsec Site-to-Site VPN Configuration Site-to-Site VPN Troubleshooting Implementing Site-to-Site VPN Remote-Access VPN Examining Remote-Access VPN Examining Public-Key Cryptography and Certificates Examining Certificate Enrollment Remote-Access VPN Configuration Implementing Remote-Access VPN SSL Decryption Examining SSL Decryption Configuring SSL Policies SSL Decryption Best Practices and Monitoring Detailed Analysis Techniques Examining Event Analysis Examining Event Types Examining Contextual Data Examining Analysis Tools Threat Analysis System Administration Managing Updates Examining User Account Management Features Configuring User Accounts System Administration Cisco Firepower Troubleshooting Examining Common Misconfigurations Examining Troubleshooting Commands Firepower Troubleshooting