62 IPsec courses

Duration 5 Days 30 CPD hours This course is intended for Experienced security administrators or network administrators Overview By the end of the course, you should be able to meet the following objectives: Describe the architecture and main components of NSX-T Data Center Explain the features and benefits of NSX-T Data Center Deploy the NSX Management cluster and VMware NSX Edge™ nodes Prepare VMware ESXi™ and KVM hosts to participate in NSX-T Data Center networking Create and configure segments for layer 2 forwarding Create and configure Tier-0 and Tier-1 gateways for logical routing Use distributed and gateway firewall policies to filter east-west and north-south traffic in NSX-T Data Center Configure Advanced Threat Prevention features Configure network services on NSX Edge nodes Use VMware Identity Manager and LDAP to manage users and access Explain the use cases, importance, and architecture of Federation This five-day, fast-paced course provides comprehensive training on how to install, configure, and manage a VMware NSX-T? Data Center environment. This course covers key NSX-T Data Center features and functionality offered in the NSX-T Data Center 3.2 release, including the overall infrastructure, logical switching, logical routing, networking and security services, firewalls and advanced threat prevention, and more. Course Introduction Introductions and course logistics Course objectives VMware Virtual Cloud Network and NSX-T Data Center Introduce the VMware Virtual Cloud Network vision Discuss NSX-T Data Center solutions, use cases, and benefits Explain NSX-T Data Center architecture and components Describe the VMware NSXTM product portfolio and features Explain the management, control, data, and consumption planes and function Preparing the NSX-T Data Center Infrastructure Describe NSX Management Cluster Deploy VMware NSXTM ManagerTM nodes on VMware ESXi and KVM hypervisors Navigate through the NSX Manager UI Explain data-plane components such as N-VDS/VDS, transport nodes, transport zones, profiles, and more Perform transport node preparation and establish the data center infrastructure Verify transport node status and connectivity NSX-T Data Center Logical Switching Introduce key components and terminology in logical switching Describe the function and types of L2 segments Explain tunneling and the GENEVE encapsulation Configure logical segments and attach hosts using NSX Manager UI Describe the function and types of segment profiles Create segment profiles and apply them to segments and ports Explain the function of MAC, ARP, and TEP tables used in packet forwarding Demonstrate L2 unicast packet flow Explain ARP suppression and BUM traffic handling NSX-T Data Center Logical Routing Describe the logical routing function and use cases Introduce the two-tier routing architecture, topologies, and components Explain the Tier-0 and Tier-1 Gateway functions Describe the logical router components: Service Router and Distributed Router Discuss the architecture and function of NSX Edge nodes Discuss deployment options of NSX Edge nodes Configure NSX Edge nodes and create NSX Edge clusters Configure Tier-0 and Tier-1 Gateways Examine the single-tier and multitier packet flow Configure static routing and dynamic routing, including BGP and OSPF Enable ECMP on Tier-0 Gateway Describe NSX Edge HA, failure detection, and failback modes Configure VRF Lite NSX-T Data Center Bridging Describe the function of logical bridging Discuss the logical bridging use cases Compare routing and bridging solutions Explain the components of logical bridging Create bridge clusters and bridge profiles NSX-T Data Center Firewalls Describe NSX segmentation Identify the steps to enforce Zero-Trust with NSX segmentation Describe the Distributed Firewall architecture, components, and function Configure Distributed Firewall sections and rules Configure the Distributed Firewall on VDS Describe the Gateway Firewall architecture, components, and function Configure Gateway Firewall sections and rules NSX-T Data Center Advanced Threat Prevention Explain NSX IDS/IPS and its use cases Configure NSX IDS/IPS Deploy the NSX Application Platform Identify the components and architecture of NSX Malware Prevention Configure NSX Malware Prevention for east-west and north-south traffic Describe the use cases and architecture of NSX Intelligence Identify the components and architecture of VMware NSX© Network Detection and Response? Use NSX Network Detection and Response to analyze network traffic events. NSX-T Data Center Services Describe NSX-T Data Center services Explain and configure Network Address Translation (NAT) Explain and configure DNS and DHCP services Describe VMware NSX© Advanced Load Balancer? architecture, components, topologies, and use cases. Configure NSX Advanced Load Balancer Discuss the IPSec VPN and L2 VPN function and use cases Configure IPSec VPN and L2 VPN using the NSX Manager UI NSX-T Data Center User and Role Management Describe the function and benefits of VMware Identity Manager? in NSX-T Data Center Integrate VMware Identity Manager with NSX-T Data Center Integrate LDAP with NSX-T Data Center Identify the various types of users, authentication policies, and permissions Use role-based access control to restrict user access NSX-T Data Center Federation Introduce the NSX-T Data Center Federation key concepts, terminology, and use-cases. Explain the onboarding process of NSX-T Data Center Federation Describe the NSX-T Data Center Federation switching and routing functions. Describe the NSX-T Data Center Federation security concepts.

Duration 5 Days 30 CPD hours This course is intended for Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks. Overview In interactive labs, you will explore firewall policies, user authentication, basic VPNs, explicit proxy, virus detection, web filtering, application control and more. These administrative fundamentals will provide you with a solid understanding of how to integrate and maintain basic network security. In the last three days you will review topics including features commonly used in complex or larger enterprise/MSSP networks, such as advanced routing, transparent mode, redundant infrastructure, security-as-a-service (SaaS), advanced IPsec VPN, IPS, SSO, certificates, data leak prevention, diagnostics, and fine-tuning performance. The Fortinet NSE 4 Bundle is a 5-day event that provides the basic configuration and administration of the most commonly used features of FortiGate appliances and a selection of advanced FortiGate networking and security features. The Fortinet NSE 4 Bundle is a 5-day event that provides the basic configuration and administration of the most commonly used features of FortiGate appliances and a selection of advanced FortiGate networking and security features. Additional course details: Nexus Humans NSE 4 Bundle training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the NSE 4 Bundle course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is intended for networking and security professionals involved in the day-to-day management of a FortiAnalyzer appliance and FortiGate security information. Overview Describe key features and concepts of FortiAnalyzer Deploy an appropriate architecture Manage ADOMs on both FortiAnalyzer and the devices that log to it Configure RAID Register supported devices Encrypt log transmission (SSL / IPSec) View & analyze current and historical logs (FortiView) Monitor events Apply disk quotas to log data from devices Backup, restore, and forward log data Use content archiving (summary and full) Understand the different stages of data processing, from receiving logs to compiling reports Understand SQL queries and datasets used by FortiAnalyzer reports Design datasets, charts, and custom reports Generate reports by schedule or on demand In this 3-day NSE 5 Bundle, you will learn the fundamentals of using FortiManager and FortiAnalyzer for centralized network administration of many FortiGate devices. In this 3-day NSE 5 Bundle, you will learn the fundamentals of using FortiManager and FortiAnalyzer for centralized network administration of many FortiGate devices. Additional course details: Nexus Humans NSE 5 Bundle training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the NSE 5 Bundle course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

5 STAR Rated | CPD Certified Diploma | 22-in-1 Premium Bundle | 22 Free PDF+ Transcript Certificate | Lifetime Access

Duration 4 Days 24 CPD hours This course is intended for This course is for Azure Security Engineers who are planning to take the associated certification exam, or who are performing security tasks in their day-to-day job. This course would also be helpful to an engineer that wants to specialize in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data. This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organization?s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications, and security operations. Prerequisites AZ-104T00 - Microsoft Azure Administrator Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model. Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods. Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information. Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI. 1 - Manage identities in Microsoft Entra ID Secure users in Microsoft Entra ID Secure groups in Microsoft Entra ID Recommend when to use external identities Secure external identities Implement Microsoft Entra Identity protection 2 - Manage authentication by using Microsoft Entra ID Configure Microsoft Entra Verified ID Implement multifactor authentication (MFA) Implement passwordless authentication Implement password protection Implement single sign-on (SSO) Integrate single sign-on (SSO) and identity providers Recommend and enforce modern authentication protocols 3 - Manage authorization by using Microsoft Entra ID Configure Azure role permissions for management groups, subscriptions, resource groups, and resources Assign built-in roles in Microsoft Entra ID Assign built-in roles in Azure Create and assign a custom role in Microsoft Entra ID Implement and manage Microsoft Entra Permissions Management Configure Microsoft Entra Privileged Identity Management Configure role management and access reviews by using Microsoft Entra Identity Governance Implement Conditional Access policies 4 - Manage application access in Microsoft Entra ID Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants Manage app registrations in Microsoft Entra ID Configure app registration permission scopes Manage app registration permission consent Manage and use service principals Manage managed identities for Azure resources Recommend when to use and configure a Microsoft Entra Application Proxy, including authentication 5 - Plan and implement security for virtual networks Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs) Plan and implement User-Defined Routes (UDRs) Plan and implement Virtual Network peering or gateway Plan and implement Virtual Wide Area Network, including secured virtual hub Secure VPN connectivity, including point-to-site and site-to-site Implement encryption over ExpressRoute Configure firewall settings on PaaS resources Monitor network security by using Network Watcher, including NSG flow logging 6 - Plan and implement security for private access to Azure resources Plan and implement virtual network Service Endpoints Plan and implement Private Endpoints Plan and implement Private Link services Plan and implement network integration for Azure App Service and Azure Functions Plan and implement network security configurations for an App Service Environment (ASE) Plan and implement network security configurations for an Azure SQL Managed Instance 7 - Plan and implement security for public access to Azure resources Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management Plan, implement, and manage an Azure Firewall, Azure Firewall Manager and firewall policies Plan and implement an Azure Application Gateway Plan and implement an Azure Front Door, including Content Delivery Network (CDN) Plan and implement a Web Application Firewall (WAF) Recommend when to use Azure DDoS Protection Standard 8 - Plan and implement advanced security for compute Plan and implement remote access to public endpoints, Azure Bastion and just-in-time (JIT) virtual machine (VM) access Configure network isolation for Azure Kubernetes Service (AKS) Secure and monitor AKS Configure authentication for AKS Configure security for Azure Container Instances (ACIs) Configure security for Azure Container Apps (ACAs) Manage access to Azure Container Registry (ACR) Configure disk encryption, Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption Recommend security configurations for Azure API Management 9 - Plan and implement security for storage Configure access control for storage accounts Manage life cycle for storage account access keys Select and configure an appropriate method for access to Azure Files Select and configure an appropriate method for access to Azure Blob Storage Select and configure an appropriate method for access to Azure Tables Select and configure an appropriate method for access to Azure Queues Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage Configure Bring your own key (BYOK) Enable double encryption at the Azure Storage infrastructure level 10 - Plan and implement security for Azure SQL Database and Azure SQL Managed Instance Enable database authentication by using Microsoft Entra ID Enable and monitor database audit Identify use cases for the Microsoft Purview governance portal Implement data classification of sensitive information by using the Microsoft Purview governance portal Plan and implement dynamic mask Implement transparent data encryption? Recommend when to use Azure SQL Database Always Encrypted 11 - Plan, implement, and manage governance for security Create, assign, and interpret security policies and initiatives in Azure Policy Configure security settings by using Azure Blueprint Deploy secure infrastructures by using a landing zone Create and configure an Azure Key Vault Recommend when to use a dedicated Hardware Security Module (HSM) Configure access to Key Vault, including vault access policies and Azure Role Based Access Control Manage certificates, secrets, and keys Configure key rotation Configure backup and recovery of certificates, secrets, and keys 12 - Manage security posture by using Microsoft Defender for Cloud Implement Microsoft Defender for Cloud Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory Assess compliance against security frameworks and Microsoft Defender for Cloud Add industry and regulatory standards to Microsoft Defender for Cloud Add custom initiatives to Microsoft Defender for Cloud Connect hybrid cloud and multicloud environments to Microsoft Defender for Cloud Identify and monitor external assets by using Microsoft Defender External Attack Surface Management 13 - Configure and manage threat protection by using Microsoft Defender for Cloud Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, Resource Manager, and DNS Configure Microsoft Defender for Servers Configure Microsoft Defender for Azure SQL Database Manage and respond to security alerts in Microsoft Defender for Cloud Configure workflow automation by using Microsoft Defender for Cloud Evaluate vulnerability scans from Microsoft Defender for Server 14 - Configure and manage security monitoring and automation solutions Monitor security events by using Azure Monitor Configure data connectors in Microsoft Sentinel Create and customize analytics rules in Microsoft Sentinel Configure automation in Microsoft Sentinel Additional course details: Nexus Humans AZ-500T00 Microsoft Azure Security Technologies training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AZ-500T00 Microsoft Azure Security Technologies course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This course is intended for anyone who is responsible for day-to-day management of many FortiGate devices via the FortiManager platform. Overview Describe capabilities of FortiManager Add FortiGate devices to Device Manager and import their running configuration Use provisioning templates and scripts for device-level changes across many devices Identify the synchronization states Manage the revision history of managed devices Offer a local FortiGuard Distribution Server to your Fortinet devices Deploy administrative domains (ADOMs) to support multiple customers on a single FortiManager Manage firewall policies across multiple FortiGate devices using policy packages with shared and dynamic objects Deploy policies and objects from the global ADOM to multiple ADOMs Explain high availability, backup, and recovery options for FortiManager Compare methods for centrally managing IPsec VPNs Explain the restricted ''admin'' profile and API high-level usage Use workspaces and workflow mode Identify steps to replace a managed FortiGate device Manage FortiGate devices' firmware centrally In this 2-day class, you will learn the fundamentals of using FortiManager for centralized network administration of many FortiGate devices. Example use cases include large enterprise and carrier networks. Course Outline Module1 - Introduction and Initial Configuration Module2 - Administration and Management Module3 - Device Registration Module4 - Device Level Configuration and Installation Module5 - Policy and Objects Module6 - Manager Panes Module7 - Diagnostics and Troubleshooting Module8 - Advanced Configuration Additional course details: Nexus Humans FortiManager training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the FortiManager course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

CPD & CiQ Accredited | 17-in-1 Diploma Bundle | Free PDF & Transcript Certificate Included | Expert Support

Description: The purpose of 70-685 - Enterprise Desktop Support Technician for Windows 7 course is to teach you how to configure and deploy a private cloud with System Center 2012 R2. Throughout the course, you will know the ways of understanding and work with the cloud, the cloud components, including infrastructure and service catalog, and virtual applications. The course guides you how to use VMM or install VMM to deploy the cloud. You will also be introduced to host groups and security systems. After completing the course, you will be able to work with Private Cloud Infrastructures. You will also be able to learn dynamic application deployment, server application virtualization, web deployment packages, server App-V components and sequencing and deploying virtual apps. After that, the course will help you to understand the essential components of Private Cloud including SQL server profiles, OS profiles, application profiles, hardware profiles, VM templates and self-service user role. In the course, you will gain information about the Private Cloud computing, installing and configuring app controller and creating and managing services and service templates. Finally, you will know about server management, automation and security for the cloud. Assessment: At the end of the course, you will be required to sit for an online MCQ test. Your test will be assessed automatically and immediately. You will instantly know whether you have been successful or not. Before sitting for your final exam you will have the opportunity to test your proficiency with a mock exam. Certification: After completing and passing the course successfully, you will be able to obtain an Accredited Certificate of Achievement. Certificates can be obtained either in hard copy at a cost of £39 or in PDF format at a cost of £24. Who is this Course for? 70-685 - Enterprise Desktop Support Technician for Windows 7 is certified by CPD Qualifications Standards and CiQ. This makes it perfect for anyone trying to learn potential professional skills. As there is no experience and qualification required for this course, it is available for all students from any academic background. Requirements Our 70-685 - Enterprise Desktop Support Technician for Windows 7 is fully compatible with any kind of device. Whether you are using Windows computer, Mac, smartphones or tablets, you will get the same experience while learning. Besides that, you will be able to access the course with any kind of internet connection from anywhere at any time without any kind of limitation. Career Path After completing this course you will be able to build up accurate knowledge and skills with proper confidence to enrich yourself and brighten up your career in the relevant job market. Identifying Cause and Resolving Desktop Application Issues Identifying Cause and Resolving Desktop Application Issues FREE 00:17:00 Problem Steps Recorder 00:31:00 Other Group Policy Settings 00:15:00 AppLocker Advantages 00:27:00 Windows Installer 00:16:00 WSUS 00:29:00 Browsing History 00:13:00 Operating System Troubleshooting and Support Operating System Troubleshooting and Support 01:03:00 Safe Mode Options 00:48:00 Event Forwarding 00:16:00 Windows 7 and Language Packs 00:21:00 Networking with Windows 7 Networking with Windows 7 00:52:00 Automatic Configuration 00:18:00 TCP IP Configuration 01:12:00 IPv6 00:28:00 IPSec 00:23:00 Configuring Security and Troubleshooting Issues Configuring Security and Troubleshooting Issues 00:51:00 Windows Firewall with Advanced Security 00:45:00 Protecting the PC Proactively 00:18:00 Supporting Mobile Users Supporting Mobile Users 00:36:00 Remote Assistance 00:22:00 Maintaining Hardware on Windows 7 Maintaining Hardware on Windows 7 00:21:00 Working with Hard Drive Issues 00:48:00 Common Components 00:21:00 Power Management 00:21:00 Centralizing Configurations Centralizing Configurations 00:16:00 Administrative Templates 00:22:00 User Login, Profiles and Access to Resources User Login, Profiles and Access to Resources 00:29:00 DHCP 00:41:00 Configuring Offline Files - Client Side 00:21:00 Mock Exam Mock Exam- 70-685 - Enterprise Desktop Support Technician for Windows 7 00:20:00 Final Exam Final Exam- 70-685 - Enterprise Desktop Support Technician for Windows 7 00:20:00 Certificate and Transcript Order Your Certificates and Transcripts 00:00:00

Duration 5 Days 30 CPD hours This course is intended for Security administrators Security consultants Network administrators System engineers Technical support personnel Cisco integrators and partners Overview After taking this course, you should be able to: Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios Perform initial Cisco Firepower Threat Defense device configuration and setup tasks Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense Describe how to implement NAT by using Cisco Firepower Threat Defense Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services Describe the behavior, usage, and implementation procedure for access control policies Describe the concepts and procedures for implementing security intelligence features This course gives you knowledge and skills to use and configure Cisco© Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and Secure Sockets Layer (SSL) decryption before moving on to detailed analysis, system administration, and troubleshooting. Cisco Firepower Threat Defense Overview Examining Firewall and IPS Technology Firepower Threat Defense Features and Components Examining Firepower Platforms Examining Firepower Threat Defense Licensing Cisco Firepower Implementation Use Cases Cisco Firepower NGFW Device Configuration Firepower Threat Defense Device Registration FXOS and Firepower Device Manager Initial Device Setup Managing NGFW Devices Examining Firepower Management Center Policies Examining Objects Examining System Configuration and Health Monitoring Device Management Examining Firepower High Availability Configuring High Availability Cisco ASA to Firepower Migration Migrating from Cisco ASA to Firepower Threat Defense Cisco Firepower NGFW Traffic Control Firepower Threat Defense Packet Processing Implementing QoS Bypassing Traffic Cisco Firepower NGFW Address Translation NAT Basics Implementing NAT NAT Rule Examples Implementing NAT Cisco Firepower Discovery Examining Network Discovery Configuring Network Discovery Implementing Access Control Policies Examining Access Control Policies Examining Access Control Policy Rules and Default Action Implementing Further Inspection Examining Connection Events Access Control Policy Advanced Settings Access Control Policy Considerations Implementing an Access Control Policy Security Intelligence Examining Security Intelligence Examining Security Intelligence Objects Security Intelligence Deployment and Logging Implementing Security Intelligence File Control and Advanced Malware Protection Examining Malware and File Policy Examining Advanced Malware Protection Next-Generation Intrusion Prevention Systems Examining Intrusion Prevention and Snort Rules Examining Variables and Variable Sets Examining Intrusion Policies Site-to-Site VPN Examining IPsec Site-to-Site VPN Configuration Site-to-Site VPN Troubleshooting Implementing Site-to-Site VPN Remote-Access VPN Examining Remote-Access VPN Examining Public-Key Cryptography and Certificates Examining Certificate Enrollment Remote-Access VPN Configuration Implementing Remote-Access VPN SSL Decryption Examining SSL Decryption Configuring SSL Policies SSL Decryption Best Practices and Monitoring Detailed Analysis Techniques Examining Event Analysis Examining Event Types Examining Contextual Data Examining Analysis Tools Threat Analysis System Administration Managing Updates Examining User Account Management Features Configuring User Accounts System Administration Cisco Firepower Troubleshooting Examining Common Misconfigurations Examining Troubleshooting Commands Firepower Troubleshooting

Duration 5 Days 30 CPD hours This course is intended for For those seeing to prepare for CCIE Enterprise Infrastructure certification Overview This course will help prepare for CCIE Enterprise Infrastructure certification The new CCIE Enterprise Infrastructure certification program prepares you for today?s expert-level job roles in enterprise infrastructure technologies. CCIE Enterprise Infrastructure now includes automation and programmability to help you scale your enterprise infrastructure. VTP VTP and different versions Pruning EtherChannel LACP Layer 2 and Layer 3 Spanning Protocol 1d, 802.1w, and 802.1s SPAN, RSPAN, and ERSPAN DMVPN All Phases Redundancy: Two Clouds One Hub Two Hubs one Cloud Two hubs two Clouds Running Routing Protocols DMVPN over MPLS EIGRP RD, CD, S, FC, FS, and FD Configuration, and hidden debugging Authentications: MD5, and SHA, Summarization Load Balancing:Equal Cost, Unequal Cost, Add-Path, Filtering, Default Route Injection Optimization: Query Propagation Boundary, IP FRR, STUB routing (All Options) Metric: Classic, Wide Metric Route Tags: Decimal and Dotted-Decimal Notations, OTP OSPFv2 Overview and special cases GRE or Virtual-Links LSAs, FA, and RFCs (1583, 1587, 2328, 3101, 5185 and many more) Best Path Selection Network Types Area Types Optimization: GTSM, LFA, Default Route Injection Authentication: RFC 2328, RFC 5709, Summarization, Filtering BGP States Establishing a Peer Session: Regular method,Peer-Groups,Templates,Best Path Selection Attributes: Weight, AS-Path, Origin, Next-Hop, Local-Preference, Atomic-Aggregate Communities, Aggregator, and MED Load Balancing: Equal Cost,Unequal Cost,Conditional Advertisement,Out/In Bound Route Filtering and the order,ORF,Multihoming Scenarios AS-Path Manipulation: Regexp,Local-as,Allow-as,Remove-Private-as Convergence and Scalability: Route Reflectors,Confederation,Aggregation (All Options) Other BGP Features: MultiPath,Add-Path,Route-Refresh,Soft Reconfiguration IPv6 Acquiring an IPv6 Address: IPv6 General Prefix SLAAC DHCPv6 Rapid-Commit Relay Prefix Delegation IPv6 and DMVPN EIGRPv6 OSPFv3: Both flavors, LSAs, RFCs BGP for IPv6: IPv6 transport, and IPv4 route exchange Transitional Solutions: NAT-PT,6VPE,Multicast,MLD,Static RP,BSR,Embedded RP,IPv6 Traffic Filters,RA Guard,ND Inspection MPLS LDP, VRFs, RD, and RT L3VPNs Route Leaking PE to CE Routing Security Control Plane Policing VACLs Storm Control DHCP Snooping IP Source Guard DAI Private VLANs Port Security Access-lists uRPF Device Tracking IPsec Identity Use Case For FlexVPN: Site-to-Site, IKEv1, and IKEv2 Using Preshared Keys 1x Port Base Authentication : Device Roles,Port States,Authentication Process,Host Modes Network Services FHRP: HSRP, VRRP, and GLBP NAT: Static NAT, and PAT,Dynamic NAT,Policy-Base NAT,VRF-Aware NAT,VASI NAT Software Defined Infrastructure Cisco SD Access: Design a Cisco SD Access solution Underlay network (IS-IS, manual/PnP) Overlay fabric design (LISP, VXLAN, Cisco TrustSec) Fabric domains (single-site and multi-site using SD-WAN transit) Cisco SD Access deployment: Cisco DNA Center device discovery and device management Add fabric node devices to an existing fabric Host onboarding (wired endpoints only) Fabric border handoff Segmentation Macro-level segmentation using VNs Micro-level segmentation using SGTs (using Cisco ISE) Assurance Network and client health (360) Monitoring and troubleshooting Cisco SD-WAN: Design a Cisco SD-WAN solution Orchestration plane (vBond, NAT) Management Plane (vManage) Control Plane (vSmart, OMP) Data Plane (vEdge/cEdge) WAN edge deployment Onboarding new edge routers Orchestration with zero-touch provisioning/PnP OMP TLOC Configuration templates Localized policies (only QoS) Centralized policies Application aware Routing Topologies