262 Courses delivered Online

Duration 5 Days 30 CPD hours This course is intended for Security engineer Network engineer Network designer Network administrator Systems engineer Consulting systems engineer Technical solutions architect Network manager Cisco integrators and partners Overview After taking this course, you should be able to: Describe information security concepts and strategies within the network Describe common TCP/IP, network application, and endpoint attacks Describe how various network security technologies work together to guard against attacks Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance Describe and implement web content security features and functions provided by Cisco Web Security Appliance Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console Introduce VPNs and describe cryptography solutions and algorithms Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco Internetwork Operating System (Cisco IOS) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW) Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features Examine various defenses on Cisco devices that protect the control and management plane Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions Describe basics of cloud computing and common cloud attacks and how to secure cloud environment The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco© CCNP© Security and CCIE© Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower© Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch© Enterprise and Cisco Stealthwatch Cloud threat detection features. This course, including the self-paced material, helps prepare you to take the exam, Implementing and Operating Cisco Security Core Technologies (350-701 SCOR), which leads to the new CCNP Security, CCIE Security, and the Cisco Certified Specialist - Security Core certifications. Describing Information Security Concepts* Information Security Overview Assets, Vulnerabilities, and Countermeasures Managing Risk Vulnerability Assessment Understanding Common Vulnerability Scoring System (CVSS) Describing Common TCP/IP Attacks* Legacy TCP/IP Vulnerabilities IP Vulnerabilities Internet Control Message Protocol (ICMP) Vulnerabilities TCP Vulnerabilities User Datagram Protocol (UDP) Vulnerabilities Attack Surface and Attack Vectors Reconnaissance Attacks Access Attacks Man-in-the-Middle Attacks Denial of Service and Distributed Denial of Service Attacks Reflection and Amplification Attacks Spoofing Attacks Dynamic Host Configuration Protocol (DHCP) Attacks Describing Common Network Application Attacks* Password Attacks Domain Name System (DNS)-Based Attacks DNS Tunneling Web-Based Attacks HTTP 302 Cushioning Command Injections SQL Injections Cross-Site Scripting and Request Forgery Email-Based Attacks Describing Common Endpoint Attacks* Buffer Overflow Malware Reconnaissance Attack Gaining Access and Control Gaining Access via Social Engineering Gaining Access via Web-Based Attacks Exploit Kits and Rootkits Privilege Escalation Post-Exploitation Phase Angler Exploit Kit Describing Network Security Technologies Defense-in-Depth Strategy Defending Across the Attack Continuum Network Segmentation and Virtualization Overview Stateful Firewall Overview Security Intelligence Overview Threat Information Standardization Network-Based Malware Protection Overview Intrusion Prevention System (IPS) Overview Next Generation Firewall Overview Email Content Security Overview Web Content Security Overview Threat Analytic Systems Overview DNS Security Overview Authentication, Authorization, and Accounting Overview Identity and Access Management Overview Virtual Private Network Technology Overview Network Security Device Form Factors Overview Deploying Cisco ASA Firewall Cisco ASA Deployment Types Cisco ASA Interface Security Levels Cisco ASA Objects and Object Groups Network Address Translation Cisco ASA Interface Access Control Lists (ACLs) Cisco ASA Global ACLs Cisco ASA Advanced Access Policies Cisco ASA High Availability Overview Deploying Cisco Firepower Next-Generation Firewall Cisco Firepower NGFW Deployments Cisco Firepower NGFW Packet Processing and Policies Cisco Firepower NGFW Objects Cisco Firepower NGFW Network Address Translation (NAT) Cisco Firepower NGFW Prefilter Policies Cisco Firepower NGFW Access Control Policies Cisco Firepower NGFW Security Intelligence Cisco Firepower NGFW Discovery Policies Cisco Firepower NGFW IPS Policies Cisco Firepower NGFW Malware and File Policies Deploying Email Content Security Cisco Email Content Security Overview Simple Mail Transfer Protocol (SMTP) Overview Email Pipeline Overview Public and Private Listeners Host Access Table Overview Recipient Access Table Overview Mail Policies Overview Protection Against Spam and Graymail Anti-virus and Anti-malware Protection Outbreak Filters Content Filters Data Loss Prevention Email Encryption Deploying Web Content Security Cisco Web Security Appliance (WSA) Overview Deployment Options Network Users Authentication Secure HTTP (HTTPS) Traffic Decryption Access Policies and Identification Profiles Acceptable Use Controls Settings Anti-Malware Protection Deploying Cisco Umbrella* Cisco Umbrella Architecture Deploying Cisco Umbrella Cisco Umbrella Roaming Client Managing Cisco Umbrella Cisco Umbrella Investigate Overview and Concepts Explaining VPN Technologies and Cryptography VPN Definition VPN Types Secure Communication and Cryptographic Services Keys in Cryptography Public Key Infrastructure Introducing Cisco Secure Site-to-Site VPN Solutions Site-to-Site VPN Topologies IPsec VPN Overview IPsec Static Crypto Maps IPsec Static Virtual Tunnel Interface Dynamic Multipoint VPN Cisco IOS FlexVPN Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs Cisco IOS VTIs Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2 VPN Configuration Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW Cisco ASA Point-to-Point VPN Configuration Cisco Firepower NGFW Point-to-Point VPN Configuration Introducing Cisco Secure Remote Access VPN Solutions Remote Access VPN Components Remote Access VPN Technologies Secure Sockets Layer (SSL) Overview Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW Remote Access Configuration Concepts Connection Profiles Group Policies Cisco ASA Remote Access VPN Configuration Cisco Firepower NGFW Remote Access VPN Configuration Explaining Cisco Secure Network Access Solutions Cisco Secure Network Access Cisco Secure Network Access Components AAA Role in Cisco Secure Network Access Solution Cisco Identity Services Engine Cisco TrustSec Describing 802.1X Authentication 802.1X and Extensible Authentication Protocol (EAP) EAP Methods Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications RADIUS Change of Authorization Configuring 802.1X Authentication Cisco Catalyst© Switch 802.1X Configuration Cisco Wireless LAN Controller (WLC) 802.1X Configuration Cisco Identity Services Engine (ISE) 802.1X Configuration Supplicant 802.1x Configuration Cisco Central Web Authentication Describing Endpoint Security Technologies* Host-Based Personal Firewall Host-Based Anti-Virus Host-Based Intrusion Prevention System Application Whitelists and Blacklists Host-Based Malware Protection Sandboxing Overview File Integrity Checking Deploying Cisco Advanced Malware Protection (AMP) for Endpoints* Cisco AMP for Endpoints Architecture Cisco AMP for Endpoints Engines Retrospective Security with Cisco AMP Cisco AMP Device and File Trajectory Managing Cisco AMP for Endpoints Introducing Network Infrastructure Protection* Identifying Network Device Planes Control Plane Security Controls Management Plane Security Controls Network Telemetry Layer 2 Data Plane Security Controls Layer 3 Data Plane Security Controls Deploying Control Plane Security Controls* Infrastructure ACLs Control Plane Policing Control Plane Protection Routing Protocol Security Deploying Layer 2 Data Plane Security Controls* Overview of Layer 2 Data Plane Security Controls Virtual LAN (VLAN)-Based Attacks Mitigation Sp

Duration 4 Days 24 CPD hours This course is intended for DevOps engineers Integration engineers Network and software architects Network engineers Software engineers System administrators Overview After completing this course, you should be able to: Describe network and IT convergence Describe Cisco NSO architecture Describe Linux Configure Cisco NSO Set up access control to Cisco NSO system Describe Cisco NSO Integration Options Explain version control systems and basic git concepts Describe the purpose of continuous integration and continuous delivery Implement Cisco NSO high availability Describe scalable system management Describe software development methodologies Describe service maintenance Perform NED upgrades Use Cisco NSO for managing services and their associated device configurations Describe Cisco NSO change management Explain service problem management Use Cisco NSO for service monitoring and compliance reporting Describe Cisco NSO inventory management Describe Cisco NSO use cases The Cisco Network Services Orchestrator (NSO) Administration and DevOps (NSO303) v4.0 course continues the learning journey of the NSO Essentials for Programmers and Network Architects (NSO201) v4.0 and NSO Advanced for Python Programmers (NSO300) v4.0 courses by introducing you to the system administration and DevOps focusing on NSO; the robust bridge linking network automation and orchestration tools, examining the development, operation, and administration task functions. You will learn how to set up, configure, deploy, and maintain a Cisco Network Services Orchestrator solution, and learn best practices for using DevOps. The examples shown in this course demonstrate real-world scenarios to prepare you for deployment and management of new or existing NSO instances. The course guides you through the setup of a production ready NSO instances using system installation with access control settings, the deployment of NSO in Docker containers, and introduces modern DevOps concepts and tools such as Git and Continuous Delivery/Continuous Deployment (CI/CD). You will learn how to migrate CDM devices, how to build NETCONF NEDs from the NSO CLI, how to handle NSO Alarms, and many more features that benefit you in your journey with Cisco NSO. Course Outline Introducing Network and IT Convergence Introducing Cisco NSO Architecture Introducing Linux Explaining Cisco NSO Setup Exploring Access Control Describing Integration Options Explaining Version Control System Describing Continuous Integration and Continuous Delivery Introducing Scalability and High Availability Describing Scalable System Management Describing Software Development Methodologies Introducing Service Maintenance Performing Network Element Driver (NED) Upgrades Introducing Configuration Management Describing Change Management Explaining Service Problem Management Explaining Service Monitoring and Compliance Reporting Introducing Inventory Management Describing Cisco NSO Use Cases

Duration 5 Days 30 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS in their network environment. Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers Overview After taking this course, you should be able to: Describe the components of Cisco Firepower Threat Defense and the managed device registration process Detail Next-Generation Firewalls (NGFW) traffic control and configure the Cisco Firepower system for network discovery Implement access control policies and describe access control policy advanced features Configure security intelligences features and the Advanced Malware Protection (AMP) for Networks implementation procedure for file control and advanced malware protection Implement and manage intrusion and network analysis policies for NGIPS inspection Describe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management Center Integrate the Cisco Firepower Management Center with an external logging destination Describe and demonstrate the external alerting options available to Cisco Firepower Management Center and configure a correlation policy Describe key Cisco Firepower Management Center software update and user account management features Identify commonly misconfigured settings within the Cisco Firepower Management Center and use basic commands to troubleshoot a Cisco Firepower Threat Defense device This course shows you how to deploy and use Cisco Firepower© Next-Generation Intrusion Prevention System (NGIPS). This hands-on course gives you the knowledge and skills to use the platform features and includes firewall security concepts, platform architecture and key features; in-depth event analysis including detection of network-based malware and file type, NGIPS tuning and configuration including application control, security intelligence, firewall, and network-based malware and file controls; Snort© rules language; file and malware inspection, security intelligence, and network analysis policy configuration designed to detect traffic patterns; configuration and deployment of correlation policies to take action based on events detected; troubleshooting; system and user administration tasks, and more. This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist ? Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, Cisco© Securing Networks with Cisco© Firepower Next Generation Firewall (SSNGFW). You can take these courses in any order. Course Outline Cisco Firepower Threat Defense Overview Cisco Firepower NGFW Device Configuration Cisco Firepower NGFW Traffic Control Cisco Firepower Discovery Implementing Access Control Policies Security Intelligence File Control and Advanced Malware Protection Next-Generation Intrusion Prevention Systems Network Analysis Policies Detailed Analysis Techniques Cisco Firepower Platform Integration Alerting and Correlation Policies Performing System Administration Troubleshooting Cisco Firepower

Duration 3 Days 18 CPD hours This course is intended for This course is designed for system administrators and implementors interested in learning IBM Security Verify Access. Overview Describe IBM Security Verify Access product and its key features Discuss the architecture and deployment process Configure IBM Security Verify Access users, groups, and domains Introduce concepts of a reverse proxy and how it fits in your web-based infrastructure Describe protected object space and the policy access control model Explain how to set up reverse proxy junctions to handle web requests Discuss and configure authentication mechanisms that are supported by Verify Access Explain and set up logging, auditing, and tracing for Verify Access components IBM Security Verify Access helps you simplify your users' access while more securely adopting web, mobile, IoT, and cloud technologies. It can be deployed on premises, in a virtual or hardware appliance, or containerized with Docker. Verify Access also directly connects with Verify SaaS for a modernized, hybrid IAM approach to enable your organization's migration to identity as a service (IDaaS) at a comfortable pace. Using the skills taught in this course, you learn how to run Verify Access via Docker, configure authentication and authorization mechanisms, implement policy access control, and set up reverse proxy junctions to process web requests. Hands-on exercises reinforce the skills learned. Unit 1 Introduction to IBM Security Verify Access Unit 2 Architecture and deployment Unit 3 Managing users, groups, and domains Unit 4 Reverse Proxy (WebSEAL) concepts Unit 5 Managing access control Unit 6 Configuring junctions for back-end resources Unit 7 Authentication framework and methods Unit 8 Logging, auditing, and tracing Additional course details: Nexus Humans TW108G IBM Security Verify Access Foundations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the TW108G IBM Security Verify Access Foundations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is appropriate for anyone needing to interface with an Oracle database or those needing a general understanding of Oracle database functionality. That would include end users, business analysts, application developers and database administrators. Overview Working in a hands-on learning environment led by our expert pracitioner you'll learn how to: Add Data, Retrieve, Sort and Organize a SQL Database Combine Data, Set Operators and Subqueries Manipulate Data and Data Definition Languages in SQL Work with Data Dictionary Views and Create Sequences, Indexes and Views Use Database Objects and Subqueries Perform Data and access control Perform other Advanced Level Database operations. Oracle 19C SQL Programming Fundamentals Is a three-day, hands-on course designed to equip you with the fundamental skills needed to set up, run and manage SQL databases using Oracle Database Technology. You will also be discovering all the tools and concepts required to organize data efficiently. Our engaging instructors and mentors are highly-experienced practitioners who bring years of current 'on-the-job' experience into every classroom. Working within in a hands-on learning environment, guided by our expert team, attendees will develop a practical approach to Oracle Database Technology. Throughout the course, you will learn the key elements of a database, and the way Oracle systems facilitate their induction in the system. You?ll also learn the tools and strategies you can implement to store, retrieve, compare and organize data according to your requirements. You?ll also explore the process of creating simple to complex reports from existing data. By the end of this course, you will also have hands-on knowledge of SQL systems that are required to proceed to other advanced to professional programs. Adding Data, Retrieving, Sorting and Organizing a SQL Database The building blocks of a database. How to add data to the database. The process of retrieving data using SQL functions. Multiple methods of sorting and organizing data. Using SQL functions to get the required simple to complex output. Various strategies for using functions and conditions to organize data. Combining Data, Set Operators And Subqueries Consolidating data using multiple functions and group operators. Fetching intelligent data reports using simple functions. Fetching data from multiple sources in the tables. Using Subqueries to compile data as required. Using Set operators to create smart data reports. Data Manipulation and Data Definition Languages in SQL Describing and managing data transaction using Data Definition Language. Categorize and review data tables using Data Definition Language. Data Dictionary Views and Creating Sequences, Indexes and Views How to manage and query Data Dictionary Views. The process of creating and using Sequences. How to create various types of Synonyms and Indexes. Creating simple and complex views and retrieving data. Understanding and using Database Objects and Subqueries Core concept and application of Schema Objects. Fetching required data with Subqueries. Using Subqueries to organize Data in SQL. Data and access control Assigning and revoking data access. Managing data access control according to user levels. Performing Advanced Level Database operations. Using advanced functions and performing data queries. Creating and managing time zone-based databases.

Duration 2 Days 12 CPD hours This course is intended for This course is designed for security administrators and Check Point resellers who need to manage and monitor issues that may occur within their Security Management environment. Overview Understand how to use Check Point resources for support. Understand how to perform packet captures using tcmdump and FW Monitor command tools. Understand the basic process of kernel debugging, and how debug commands are structured. Recognize how to use various Linux commands for troubleshooting system issues. Recognize communication issues that may occur between SmartConsole and the SMS and how to resolve them. Understand how to troubleshoot SmartConsole login and authentication issues. Understand how to prevent and resolve licensing and contract issues. Understand how to troubleshoot issues that may occur during policy installation. Understand communication issues that may occur when collecting logs and how to resolve them. Recall various tools to use when analyzing issues with logs. Understand how to restore interrupted communications during heavy logging. Understand how NAT works and how to troubleshoot issues. Understand Client Side and Server Side NAT. Understand how the Access Control Policy functions and how the access control applications work together. Understand how to troubleshoot issues that may occur with Application Control and URL Filtering. Understand how the HTTPS Inspection process works and how to resolve issues that may occur during the process. Understand how to troubleshoot Content Awareness issues. Recognize how to troubleshoot VPN-related issues. Understand how to monitor cluster status and work with critical devices. Recognize how to troubleshoot State Synchronization. Understand how to troubleshoot communication issues between Identity Sources and Security Gateways. Understand how to troubleshoot and debug issues with internal Identity Awareness processes. The goal of this course is to provide an understanding of the concepts and skills necessary to troubleshoot issues which may occur when managing the Check Point Security Management architecture and Security Gateways. Course Outline An Introduction to Troubleshooting SmartConsole and Policy Management Troubleshooting Monitoring Logging Activity Troubleshooting Issues with NAT Understanding the Unified Access Control Policy Basic VPN Troubleshooting Monitoring ClusterXL Connections Understanding Identity Awareness Additional course details: Nexus Humans CCTA Check Point Troubleshooting Administration training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CCTA Check Point Troubleshooting Administration course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Network security engineers Network security architects ISE administrators Senior Security Operations Center (SOC) personnel responsible for Incidence Response Cisco integrators and partners Overview After taking this course, you should be able to: Describe the Cisco Identity Services Engine (ISE) Explain Cisco ISE deployment Describe Cisco ISE policy enforcement components Describe Cisco ISE policy configuration Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support Configure guest access Configure hotspots and guest portals Describe the Cisco ISE profiler services Describe profiling best practices and reporting Configure a Cisco ISE BYOD solution Configure endpoint compliance Configure client posture services Configure Cisco ISE device administration Describe Cisco ISE TrustSec configurations The Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 course teaches you to deploy and use Cisco© Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and apply Cisco ISE capabilities to support use cases for Zero Trust security posture. These use cases include tasks such as policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and Terminal Access Controller Access Control Server (TACACS+) device administration. Through hands-on practice via lab exercises, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency. This course helps you prepare to take the Implementing and Configuring Cisco Identity Services Engine (300-715 SISE) exam, which leads to CCNP© Security and the Cisco Certified Specialist - Security Identity Management Implementation certifications. This course also earns you 40 Continuing Education (CE) credits toward recertification Course Outline Introducing Cisco ISE Architecture Introducing Cisco ISE Deployment Introducing Cisco ISE Policy Enforcement Components Introducing Cisco ISE Policy Configuration Troubleshooting Cisco ISE Policy and Third-Party NAD Support Introducing Web Authentication and Guest Services Configuring Hotspots and Guest Portals Introducing the Cisco ISE Profiler Introducing Profiling Best Practices and Reporting Configuring Cisco ISE BYOD Introducing Cisco ISE Endpoint Compliance Services Configuring Client Posture Services and Compliance Working With Network Access Devices Exploring Cisco TrustSec Additional course details: Nexus Humans Cisco Implementing and Configuring Cisco Identity Services Engine v4.0 (SISE) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Implementing and Configuring Cisco Identity Services Engine v4.0 (SISE) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Students who need to know how to implement and manage Cisco ASA 5500-X. Overview Upon successful completion of this course, students should be able to do the following:? Technology and features of the Cisco ASA? Cisco ASA product family? How ASAs protect network devices from attacks? Bootstrap the security appliance? Prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM)? Launch and navigate ASDM? Essential security appliance configuration using ASDM and the command-line interface (CLI)? Configure dynamic and static address translations? Configure access policy based on ACLs? Use object groups to simplify ACL complexity and maintenance? Use the Modular Policy Framework to provide unique policies to specific data flows? Handle advanced protocols with application inspection? Troubleshoot with syslog and tcp ping? Configure the ASA to work with Cisco Secure ACS 5.2 for RADIUS-based AAA of VPNs? Implement site-to-site IPsec VPN? Implement remote access IPsec and SSL VPNs using the Cisco AnyConnect 3.0 Secure Mobility Client? Work with the 5.x Legacy Cisco IPsec VPN client and Anyconnect VPN client? Deploy clientless SSL VPN access, including smart tunnels, plug-ins, and web-type ACLs? Configure access control policies to implement your security policy across all classes of VPN? Configure Active/Standby failover for both firewall and VPN high availability Student will gain the essential skills required to configure, maintain, and operate Cisco ASA 5500-X Series Adaptive Security Appliances based on ASA Software v9.x. Cisco ASA Essentials ? Lesson 1: Evaluating Cisco ASA Technologies ? Lesson 2: Identifying Cisco ASA Families Basic Connectivity and Device Management ? Lesson 1: Preparing the Cisco ASA for Network Integration ? Lesson 2: Managing Basic Cisco ASA Network Settings ? Lesson 3: Configuring Cisco ASA Device Management Features Network Integration ? Lesson 1: Configuring Cisco ASA NAT Features ? Lesson 2: Configuring Cisco ASA Basic Access Control Features Cisco ASA Policy Control ? Lesson 1: Cisco ASA Modular Policy Framework ? Lesson 2: Configuring Cisco ASA Connection Policy Cisco ASA VPN Architecture and Common Components ? Lesson 1: Implementing Profiles, Group Policies, and User Policies ? Lesson 2: Implementing PKI Services Cisco ASA Clientless Remote Access SSL VPN Solutions ? Lesson 1: Deploying Basic Clientless VPN Solutions ? Lesson 2: Deploying Advanced Application Access for Clientless SSL VPNs Cisco AnyConnect Remote Access SSL Solutions ? Lesson 1: Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution Cisco ASA Remote Access IPsec VPNs ? Lesson 1: Deploying Cisco Remote Access VPN Clients ? Lesson 2: Deploying Basic Cisco Remote Access IPsec VPN Solutions Cisco ASA Site-to-Site IPsec VPN Solutions ? Lesson 1: Deploying Basic Site-to-Site IPsec VPNs ? Lesson 2: Deploying Advanced Site-to-Site IPsec VPNs Cisco ASA High Availability and Virtualization ? Lesson 1: Configuring Cisco ASA Active/Standby High Availability Labs Lab 1: Prepare the ASA for Administration Lab 2: Fundamental ASA Configuration Lab 3: Network Address Translation (NAT) Lab 4: Basic Access Control Lab 5: Basic Protocol Inspection Lab 6: Licensing, ACS, and Public CA Lab 7: Basic Clientless SSL VPN Lab 8: Clientless SSL VPN - Thin Apps Lab 9: Basic AnyConnect Full Tunnel SSL VPN Lab 10: Remote Access IPSec VPN Lab 11: IPSec Site-to-Site VPN Lab 12: Active/Standby Failover

Duration 2 Days 12 CPD hours This course is intended for This course benefits individuals responsible for configuring and monitoring EX Series switches using Junos ELS. Overview After successfully completing this course, you should be able to: Restrict traffic flow within a VLAN. Manage dynamic VLAN registration. Tunnel Layer 2 traffic through Ethernet networks. Review the purpose and operations of a spanning tree. Implement multiple spanning-tree instances in a network. Implement one or more spanning-tree instances for a VLAN. List the benefits of implementing end-user authentication. Explain the operations of various access control features. Configure and monitor various access control features. Describe processing considerations when multiple authentication and access control features are enabled. Describe some common IP telephony deployment scenarios. Describe features that facilitate IP telephony deployments. Configure and monitor features used in IP telephony deployments. Explain the purpose and basic operations of CoS. Describe CoS features used in Layer 2 networks. Configure and monitor CoS in a Layer 2 network. Describe a basic troubleshooting method. List common issues that disrupt network operations. Identify tools used in network troubleshooting. Use available tools to resolve network issues. This two-day course provides detailed coverage of virtual LAN (VLAN) operations. Chapter 1: Course Introduction Course Introduction Chapter 2: Troubleshooting as a Process Before You Begin The Troubleshooting Process Challenging Network Issues The Troubleshooting Process Lab Chapter 3: Junos Product Families The Junos OS Control Plane and Data Plane Field-Replaceable Units Junos Product Families Lab: Identifying Hardware Components Chapter 4: Troubleshooting Toolkit Troubleshooting Tools Best Practices Lab: Using Monitoring Tools and Establishing a Baseline Chapter 5: Hardware and Environmental Conditions Hardware Troubleshooting Overview Memory and Storage Boot Monitoring Hardware-Related System Logs Chassis and Environmental Monitoring Lab: Monitoring Hardware and Environmental Conditions Chapter 6: Control Plane Control Plane Review System and User Processes Monitoring Routing Tables and Protocols Monitoring Bridging Monitoring the Address Resolution Protocol Lab: Control Plane Monitoring and Troubleshooting Chapter 7: Control Plane Protection Protection Overview DDOS Protection Loopback Filter Lab: Control Plane Monitoring and Troubleshooting Chapter 8: Data Plane ? Interfaces Interface Properties General Interface Troubleshooting Ethernet Interface Troubleshooting Lab: Monitoring and Troubleshooting Ethernet Interfaces Chapter 9: Data Plane ? Other Components Definition of a Data Plane Problem Data Plane Components Data Plane Forwarding Load-Balancing Behavior Firewall Filters and Policers Data Plane Troubleshooting Case Study Lab: Isolate and Troubleshoot PFE Issues Chapter 10: Staging and Acceptance Testing Initial Inspection and Power-on General System Checks Interface Testing Chapter 11: Troubleshooting Routing Protocols Troubleshooting OSPF Troubleshooting BGP Troubleshooting Routing Loops and Route Oscillation Lab: Troubleshooting Routing Protocols Chapter 12: High Availability High Availability Overview Graceful Routing Engine Switchover Graceful Restart Nonstop Active Routing and Bridging Unified In-Service Software Upgrade Chapter 13: Network Monitoring SNMP RMON Telemetry Flow Monitoring Lab: Monitoring the Network Chapter 14: vMX Troubleshooting vMX Overview Troubleshooting Lab: Monitoring vMX Chapter 15: JTAC Procedures Opening a Support Case Customer Support Tools The Content of a PR Transferring Files to JTAC Chapter 16: Automated Support and Prevention Overview Service Now Service Insight Lab: Automated Support and Prevention

Duration 2 Days 12 CPD hours This course is intended for Cloud Architects, Security Experts, and Network Administrators requiring in depth knowledge on CloudGuard Network Security products. Overview Discuss Azure Platform Components and their relationship to Check Point CloudGuard Network Security. Explain how to maintain a secure, efficient, and stable cloud environment. Describe the components and constraints of a hub and spoke cloud security environment. Describe the function of the Cloud Management Extension Explain the purpose of identity and access controls and constraints in different cloud platforms. Explain the steps required to configure Identity and Access controls in Azure. Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature. Explain how to design and configure Cloud Adaptive Policies. Discuss the purpose and function of Data Center Objects. Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments. Explain how CSP templates can be used for maintenance tasks in the cloud environment. Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them. Discuss Scaling Solutions and Options for Cloud Environments. Explain the Scaling Options in Azure. Describe the workflow for configuring scaling solutions in Azure. Discuss how ClusterXL operates and what elements work together to permit traffic failover. Explain how ClusterXL functions differently in a Cloud Environment. Describe how clusters are created and function in Azure. Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved. Explain the nature of a 'Greenfield' deployment, the advantages of it, and the constraints involved. Describe the components and constraint involved in deploying a Disaster Recovery Site in the cloud. Discuss the steps required for troubleshooting automation in Azure. Explain the steps required for troubleshooting Scaling Solution issues in Azure. Describe the steps required for troubleshooting clusters in Azure. Learn advanced concepts and develop skills needed to design and administer CloudGuard Network Security Environments. Course Outline Deploy a Security Management Server. Connect to SmartConsole. Configure Azure Active Directory and the Service Principle. Install the Cloud Management Extension. Configure the Cloud Management Extension. Configure the Access Control Policy. Assign the Service Principle. Create the CloudGuard Controller Object. Configure Access Control Policy with a Data Center Object. Deploy the Spoke vNets. Create the Spoke Route Table. Deploy Web Servers into the Spoke vNets. Deploy the Virtual Machine Scale Set. Assign the Service Principle to the VMSS Resource Group. Enable Indentity Awareness on the VMSS. Create Load Balancer Rules. Create vNet Peers. Create Web Server Access Control policy. Deploy the Azure High Availability Solution. Create the Cluster Object. Configure the vNet Peering. Create the Internal User Defined Routes. Create the Security Policy for Internal Traffic. Test the Internal Traffic. Troubleshoot the CloudGuard Controller. Debugs the CloudGuard Controller. Debug the Cloud Management Extension. Additional course details: Nexus Humans CNSE-Azure Check Point Network Security Expert for Azure training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CNSE-Azure Check Point Network Security Expert for Azure course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.