56 IT Security courses in Leeds delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for Experienced security administrators Overview By the end of the course, you should be able to meet the following objectives: Define the concepts related to information security Explain the different types of firewalls and their use cases Describe the operation of intrusion detection and intrusion prevention systems Differentiate between Malware Prevention approaches Describe the VMware intrinsic security portfolio Use NSX segmentation to implement Zero-Trust Security Configure user and role management Configure and troubleshoot Distributed Firewall, Identity Firewall, and time-based policies Configure and troubleshoot Gateway Security Use VMware Aria Operations™ for Logs and VMware Aria Operations™ for Networks to operate NSX firewalls Explain the security best practices related to grouping, tagging, and rule configuration Describe north-south and east-west service insertion Describe endpoint protection Configure and troubleshoot IDS/IPS Deploy NSX Application Platform Configure and troubleshoot NSX Malware Prevention Describe the capabilities of NSX Intelligence and NSX NDR This five-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX© for intrinsic security. This course introduces all the security features in NSX, including Distributed Firewall and Gateway Firewall, Intrusion Detection and Prevention (IDS/IPS), NSX Application Platform, NSX Malware Prevention, VMware NSX© Intelligence?, and VMware NSX© NDR?. In addition, this course presents common configuration issues and gives a methodology to resolve them. Course Introduction Introduction and course logistics Course objectives Security Basics Define the concepts related to information security Explain the different types of firewalls and their use cases Describe the operation of IDS/IPS Differentiate between Malware Prevention approaches VMware Intrinsic Security Define the VMware intrinsic security strategy Describe the VMware intrinsic security portfolio Explain how NSX aligns with the intrinsic security strategy Implementing Zero-Trust Security Define Zero-Trust Security Describe the five pillars of a Zero-Trust architecture Define NSX segmentation and its use cases Describe the steps needed to enforce Zero-Trust with NSX segmentation User and Role Management Integrate NSX and VMware Identity Manager? Integrate NSX and LDAP Describe the native users and roles in NSX Create and assign custom user roles Explain object-based RBAC in a multitenancy environment Distributed Firewall Configure Distributed Firewall rules and policies Describe the NSX Distributed Firewall architecture Troubleshoot common problems related to NSX Distributed Firewall Configure time-based policies Configure Identity Firewall rules Configure the distributed firewall to block malicious IPs Gateway Security Configure Gateway Firewall rules and policies Describe the architecture of the Gateway Firewall Identify and troubleshoot common Gateway Firewall issues Configure TLS Inspection to decrypt traffic for both internal and external services Configure URL filtering and identify common configuration issues Operating Internal Firewalls Use VMware Aria Operations for Logs and VMware Aria Operations for Networks to operate NSX firewalls Explain security best practices related to grouping, tagging, and rule configuration Network Introspection Explain network introspection Describe the architecture and workflows of north-south and east-west service insertion Troubleshoot north-south and east-west service insertion Endpoint Protection Explain endpoint protection Describe the architecture and workflows of endpoint protection Troubleshoot endpoint protection Intrusion Detection and Prevention Describe the MITRE ATT&CK framework Explain the different phases of a cyber attack Describe how NSX security solutions can be used to protect against cyber attacks Configure and troubleshoot Distributed IDS/IPS Configure and troubleshoot North-South IDS/IPS NSX Application Platform Describe NSX Application Platform and its use cases Identify the topologies supported for the deployment of NSX Application Platform Deploy NSX Application Platform Explain the NSX Application Platform architecture and services Validate the NSX Application Platform deployment and troubleshoot common issues NSX Malware Prevention Identify use cases for NSX Malware Prevention Identify the components in the NSX Malware Prevention architecture Describe the NSX Malware Prevention packet flows for known and unknown files Configure NSX Malware Prevention for east-west and north-south traffic NSX Intelligence and NSX NDR Describe NSX Intelligence and its use cases Explain NSX Intelligence visualization, recommendation, and network traffic analysis capabilities Describe NSX NDR and its use cases Explain the architecture of NSX NDR in NSX Describe the visualization capabilities of NSX NDR Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware NSX for Intrinsic Security [V4.x] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware NSX for Intrinsic Security [V4.x] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components. Overview After successfully completing this course, you should be able to: Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses. Describe the various forms of security supported by the Junos OS. Describe the Juniper Connected Security model. Describe Junos security handling at Layer 2 versus Layer 3. Implement next generation Layer 2 security features. Demonstrate understanding of Logical Systems (LSYS). Demonstrate understanding of Tenant Systems (TSYS). Implement virtual routing instances in a security setting. Describe and configure route sharing between routing instances using logical tunnel interfaces. Describe and discuss Juniper ATP and its function in the network. Describe and implement Juniper Connected Security with Policy Enforcer in a network. Describe firewall filters use on a security device. Implement firewall filters to route traffic. Explain how to troubleshoot zone problems. Describe the tools available to troubleshoot SRX Series devices. Describe and implement IPsec VPN in a hub-and-spoke model. Describe the PKI infrastructure. Implement certificates to build an ADVPN network. Describe using NAT, CoS and routing protocols over IPsec VPNs. Implement NAT and routing protocols over an IPsec VPN. Describe the logs and troubleshooting methodologies to fix IPsec VPNs. Implement working IPsec VPNs when given configuration that are broken. Describe Incident Reporting with Juniper ATP On-Prem device. Configure mitigation response to prevent spread of malware. Explain SecIntel uses and when to use them. Describe the systems that work with SecIntel. Describe and implement advanced NAT options on the SRX Series devices. Explain DNS doctoring and when to use it. Describe NAT troubleshooting logs and techniques. This four-day course, designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. Chapter 1: Course Introduction Course Introduction Chapter 2: Junos Layer 2 Packet Handling and Security Features Transparent Mode Security Secure Wire Layer 2 Next Generation Ethernet Switching MACsec Lab 1: Implementing Layer 2 Security Chapter 3: Firewall Filters Using Firewall Filters to Troubleshoot Routing Instances Filter-Based Forwarding Lab 2: Implementing Firewall Filters Chapter 4: Troubleshooting Zones and Policies General Troubleshooting for Junos Devices Troubleshooting Tools Troubleshooting Zones and Policies Zone and Policy Case Studies Lab 3: Troubleshooting Zones and Policies Chapter 5: Hub-and-Spoke VPN Overview Configuration and Monitoring Lab 4: Implementing Hub-and-Spoke VPNs Chapter 6: Advanced NAT Configuring Persistent NAT Demonstrate DNS doctoring Configure IPv6 NAT operations Troubleshooting NAT Lab 5: Implementing Advanced NAT Features Chapter 7: Logical and Tenant Systems Overview Administrative Roles Differences Between LSYS and TSYS Configuring LSYS Configuring TSYS Lab 6: Implementing TSYS Chapter 8: PKI and ADVPNs PKI Overview PKI Configuration ADVPN Overview ADVPN Configuration and Monitoring Lab 7: Implementing ADVPNs Chapter 9: Advanced IPsec NAT with IPsec Class of Service with IPsec Best Practices Routing OSPF over VPNs Lab 8: Implementing Advanced IPsec Solutions Chapter 10: Troubleshooting IPsec IPsec Troubleshooting Overview Troubleshooting IKE Phase 1 and 2 IPsec Logging IPsec Case Studies Lab 9: Troubleshooting IPsec Chapter 11: Juniper Connected Security Security Models Enforcement on Every Network Device Chapter 12: SecIntel Security Feed Encrypted Traffic Analysis Use Cases for SecIntel Lab 10: Implementing SecIntel Chapter 13:Advanced Juniper ATP On-Prem Collectors Private Mode Incident Response Deployment Models Lab 11: Implementing Advanced ATP On-Prem Chapter 14: Automated Threat Mitigation Identify and Mitigate Malware Threats Automate Security Mitigation Lab 12: Identifying and Mitigation of Threats Additional course details: Nexus Humans AJSEC - Advanced Junos Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AJSEC - Advanced Junos Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for The primary audiences for this course are the following: • Operators of Juniper Networks security solutions, including network engineers, administrators, support personnel, and resellers. Overview After successfully completing this course, you should be able to: Identify security challenges in today's networks. Identify products that are incorporated into the Juniper Connected Security solution. Explain the value of implementing security solutions. Explain how Juniper Connected Security solves the cyber security challenges of the future. Explain SRX Series session management. Explain Junos ALG functions and when to use them. Describe policy logging on the SRX series device. Explain security policy scheduling. Describe application security theory. Explain application signature usage in AppID. Describe the AppTrack service. Describe the AppFW service. Describe the AppQoS service. Configure security policies using the AppSecure suite of services. Explain unified security policies. Describe IPS signatures. Configure an IPS policy using pre-defined templates. Describe how to update the IPS attack object database. Describe IPS rules and rule bases. Configure custom attack objects. Describe Junos Space and Security Director. Configure policy management using Security Director. Describe Security Director objects. Explain the different licensing options for Sky ATP List Sky ATP's features and benefits. Configure Sky ATP profiles and enroll an SRX Series device. Configure file scanning on Sky ATP. Configure Sky ATP to scan email Configure GeoIP on Sky ATP. Describe the JATP features and benefits List the JATP device options. Explain the JATP architecture. List 3rd party support options for JATP. Explain JATP SmartCore analytics processes. Describe Policy Enforcer configuration options. Describe Policy Enforcer integration with Sky ATP. Configure Policy Enforcer to block lateral malware movement. Explain Juniper Secure Analytics features and benefits. Describe JSA log collection. Describe JSA network flow collection. Describe the JSA Offense Management workspace. Explain the JSA Risk Manager features. Configure JSA to collect network and log collection. Explain the features of JIMS. Describe JIMS integration into the current AD network. Describe the Sky Enterprise service and how it can save resources. Explain the Sky Enterprise monitoring service. Explain the vSRX Series device benefits. Describe use cases for the vSRX. Explain the cSRX Series device benefits. Describe use cases for the cSRX. Describe SSL Proxy Concepts. Explain Forward and Reverse Proxy and the limitations of each. Configure both Forward and Reverse Proxy. This five-day course uses the Junos J-Web, CLI, Junos Space, and other user interfaces to introduce students to the concept of Juniper Connected Security. Chapter 1: Course Introduction Course Introduction Chapter 2: CLI Overview User Interface Options Command-Line Interface Initial Configuration Interface Configuration Lab 1: CLI Overview Chapter 3: Advanced Security Policy Session Management Junos ALGs Policy Scheduling Policy Logging Lab 2: Advanced Security Policy Chapter 4: Application Security Theory Application ID Application Signatures App Track App Firewall App QoS App QoE Chapter 5: Application Security Implementation AppTrack Implementation AppFW Implementation AppQos Implementation APBR Implementation Lab 3: Application Security Chapter 6: Intrusion Detection and Prevention IPS Overview IPS Policy Attack Objects IPS Configuration IPS Monitoring Lab 4: Implementing IPS Chapter 7: Security Director Overview Security Director Objects Security Director Policy Management Lab 5: Security Director Chapter 8: Sky ATP Implementation Architecture and Key Components Features and Benefits Configuration Compromised Hosts Command and Control File Scanning E-mail Scanning Geo IP Security Policy Integration Troubleshooting Lab 6: Sky ATP Implementation Chapter 9: Policy Enforcer Policy Enforcer Concepts Configuration Options Policy Enforcer Installation Lab 7: Policy Enforcer Chapter 10: JATP Overview Traffic Inspection Threat Detection Threat Analysis JATP Architecture Chapter 11: JATP Implementation Data Collectors Configure SmartCore Analytics Engine Log Ingestion Incident Management SRX Threat Prevention 3rd Party support for Threat Prevention Reporting Lab 8: JATP Chapter 12: Juniper Secure Analytics (JSA) JSA Overview Data Collection Log Analytics Threat Analytics Vulnerability Management Risk Management Lab 9: JSA Chapter 13: JIMS JIMS Overview JIMS Integration Lab 10: JIMS Chapter 14: vSRX and cSRX vSRX Overview vSRX Supported Features vSRX Use Cases cSRX Overview Lab 11: vSRX Installation Chapter 15: SSL Proxy SSL Proxy Overview SSL Concepts SSL Proxy Configurations Troubleshooting Lab 12: SSL Proxy Chapter 16: Cluster Concepts Chassis Cluster Concepts Chassis Cluster Operation Chapter 17: Chassis Cluster Implementation Chassis Cluster Configuration Chassis Cluster Advanced Options Lab 13: Chassis Cluster Implementation Chapter 18: Chassis Cluster Troubleshooting Chassis Cluster Case Studies Troubleshooting Examples Lab 14: Chassis Cluster Troubleshooting Additional course details: Nexus Humans JSEC - Junos Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the JSEC - Junos Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Experienced security administrators Overview By the end of the course, you should be able to meet the following objectives: Define information-security-related concepts Explain the different types of firewalls and their use cases Describe the operation of intrusion detection and intrusion prevention systems Differentiate between Malware Prevention approaches Describe the VMware intrinsic security portfolio Implement Zero-Trust Security using VMware NSX segmentation Configure user and role management Configure and troubleshoot Distributed Firewall, Identity Firewall, and time-based policies Configure and troubleshoot Gateway Security Use VMware vRealize Log Insight™ for NSX™ and VMware vRealize Network Insight™ to operate NSX firewalls Explain the security best practices related to grouping, tagging, and rule configuration Describe north-south and east-west service insertion Describe endpoint protection Configure and troubleshoot IDS/IPS Deploy NSX Application Platform Configure and troubleshoot NSX Malware Prevention Describe the capabilities of NSX Intelligence and NSX Network Detection and Response This five-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX-T? Data Center for intrinsic security. In this course, you are introduced to all the security features in NSX-T Data Center, including Distributed Firewall and Gateway Firewall, Intrusion Detection and Prevention (IDS/IPS), NSX Application Platform, NSX Malware Prevention, VMware NSX© Intelligence?, and VMware NSX© Network Detection and Response?.In addition, you are presented with common configuration issues and given a methodology to resolve them. Course Introduction Introductions and course logistics Course objectives Security Basics Define information-security-related concepts Explain the different types of firewalls and their use cases Describe the operation of IDS/IPS Differentiate between Malware Prevention approaches VMware Intrinsic Security Define the VMware intrinsic security strategy Describe the VMware intrinsic security portfolio Explain how NSX-T Data Center aligns with the intrinsic security strategy Implementing Zero-Trust Security Define Zero-Trust Security Describe the five pillars of a Zero-Trust Architecture Define NSX segmentation and its use cases Describe the steps needed to enforce Zero-Trust with NSX segmentation User and Role Management Integrate NSX-T Data Center and VMware Identity Manager? Integrate NSX-T Data Center and LDAP Describe the native users and roles in NSX-T Data Center Create and assign custom user roles Distributed Firewall Configure Distributed Firewall rules and policies Describe the NSX Distributed Firewall architecture Troubleshoot common problems related to NSX Distributed Firewall Configure time-based policies Configure Identity Firewall rules Gateway Security Configure Gateway Firewall rules and policies Describe the architecture of the Gateway Firewall Identify and troubleshoot common Gateway Firewall issues Configure TLS Inspection to decrypt traffic for both internal and external services Configure URL filtering and identify common configuration issues Operating Internal Firewalls Use vRealize Log Insight for NSX and vRealize Network Insight to operate NSX firewalls Explain security best practices related to grouping, tagging, and rule configuration Network Introspection Explain network introspection Describe the architecture and workflows of north-south and east-west service insertion Troubleshoot north-south and east-west service insertion Endpoint Protection Explain endpoint protection Describe the architecture and workflows of endpoint protection Troubleshoot endpoint protection Intrusion Detection and Prevention Describe the MITRE ATT&CK framework Explain the different phases of a cyber attack Describe how NSX security solutions can be used to protect against cyber attacks Configure and troubleshoot Distributed IDS/IPS Configure and troubleshoot North-South IDS/IPS NSX Application Platform Describe NSX Application Platform and its use cases Identify the topologies supported for the deployment of NSX Application Platform Deploy NSX Application Platform Explain the NSX Application Platform architecture and services Validate the NSX Application Platform deployment and troubleshoot common issues NSX Malware Prevention Identify use cases for NSX Malware Prevention Identify the components in the NSX Malware Prevention architecture Describe the NSX Malware Prevention packet flows for known and unknown files Configure NSX Malware Prevention for east-west and north-south traffic NSX Intelligence and NSX Network Detection and Response Describe NSX Intelligence and its use cases Explain NSX Intelligence visualization, recommendation, and network traffic analysis capabilities Describe NSX Network Detection and Response and its use cases Explain the architecture of NSX Network Detection and Response in NSX-T Data Center Describe the visualization capabilities of NSX Network Detection and Response

Duration 3 Days 18 CPD hours This course is intended for This course is for technical professionals to gain skills in writing rules for Snort-based Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). The primary audience includes: Security administrators Security consultants Network administrators System engineers Technical support personnel using open source IDS and IPS Channel partners and resellers Overview After taking this course, you should be able to: Describe the Snort rule development process Describe the Snort basic rule syntax and usage Describe how traffic is processed by Snort Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor the performance of Snort and how to tune rules The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules. Course Outline Introduction to Snort Rule Development Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort

Duration 2 Days 12 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy a Cisco Integrated Threat Defense solution in their network environment. The primary audience for this course includes: Systems and network engineersTechnical architectsTechnical support personnelChannel partners and resellers Overview After completing this course, you should be able to: Describe the current network security landscape and the Cisco Integrated Threat Defense (ITD) solutionDescribe the key components of the ITD solution and their use in the networkConfigure the ISE for a baseline of operation in the ITD solutionConfigure the integration between the Stealthwatch and ISE platformsConfigure the integration between the Cisco Firepower and ISE platformsConfigure the integration between Cisco Firepower and AMP for Endpoints This course begins with an analysis of the current cybersecurity landscape and includes details on why networks today need an integrated threat defense architecture. You will integrate and verify proper operation of the key Cisco Integrated Threat Defense products, including Cisco Identity Services Engine (ISE), Cisco Stealthwatch©, Cisco Firepower© NGFW, and Cisco AMP for Endpoints. Verification includes the introduction of malware into the network to ensure proper identification, analysis, and quarantine. Course Outline Integrated Threat Defense Introduction Itd Products Identity Services Engine Setup Integration Of Stealthwatch With Identity Services Engine Integration Of Firepower With Identity Services Engine Integration Of Firepower With Amp For Endpoints

Duration 5 Days 30 CPD hours This course is intended for Network security engineers ISE administrators Wireless network security engineers Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages. Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services. Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization. Describe third-party Network Access Devices (NADs), Cisco TrustSec, and Easy Connect. Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios. Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment. Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution. Describe the value of the My Devices portal and how to configure this portal. Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE. Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the Authentication, Authentication, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols. Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool. Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 is a Cisco ISE training program that discusses the Cisco Identity Services Engine, an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device onboarding, and guest management, into a single context-aware identity-based platform. This CCNA course provides students with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints as well as enhance infrastructure security using the Cisco ISE. Introducing Cisco ISE Architecture and Deployment Using Cisco ISE as a Network Access Policy Engine Cisco ISE Use Cases Describing Cisco ISE Functions Cisco ISE Deployment Models Context Visibility Cisco ISE Policy Enforcement Using 802.1X for Wired and Wireless Access Using MAC Authentication Bypass for Wired and Wireless Access Introducing Identity Management Configuring Certificate Services Introducing Cisco ISE Policy Implementing Third-Party Network Access Device Support Introducing Cisco TrustSec Cisco TrustSec Configuration Easy Connect Web Authentication and Guest Services Introducing Web Access with Cisco ISE Introducing Guest Access Components Configuring Guest Access Settings Configuring Sponsor and Guest Portals Cisco ISE Profiler Introducing Cisco ISE Profiler Profiling Deployment and Best Practices Cisco ISE BYOD Introducing the Cisco ISE BYOD Process Describing BYOD Flow Configuring the My Devices Portal Configuring Certificates in BYOD Scenarios Cisco ISE Endpoint Compliance Services Introducing Endpoint Compliance Services Configuring Client Posture Services and Provisioning in Cisco ISE Working with Network Access Devices Review TACACS+ Cisco ISE TACACS+ Device Administration Configure TACACS+ Device Administration TACACS+ Device Administration Guidelines and Best Practices Migrating from Cisco ACS to Cisco ISE Lab outline Access the SISE Lab and Install ISE 2.4 Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage Integrate Cisco ISE with Active Directory Configure Basic Policy on Cisco ISE Configure Policy Sets Configure Access Policy for Easy Connect Configure Guest Access Configure Guest Access Operations Create Guest Reports Configure Profiling Customize the Cisco ISE Profiling Configuration Create Cisco ISE Profiling Reports Configure BYOD Blacklisting a Device Configure Cisco ISE Compliance Services Configure Client Provisioning Configure Posture Policies Test and Monitor Compliance-Based Access Test Compliance Policy Configure Cisco ISE for Basic Device Administration Configure TACACS+ Command Authorization

Duration 2 Days 12 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy a Cisco Integrated Threat Defense solution in their network environment. Cisco integrators and partners Systems and network engineers Technical architects Technical support personnel Overview After taking this course, you should be able to: Understand the network security landscape and the Cisco Integrated Threat Defense (ITD) solutions Describe the key components of the ITD solution and their use in the network Configure the Cisco Identity Services Engine (ISE) for a baseline of operation in the ITD solution Configure the integration between the Cisco Stealthwatch and Cisco ISE platforms Configure the integration between the Cisco Firepower and ISE platforms Configure the integration between Cisco Firepower and Cisco Advanced Malware Protection (AMP) for Endpoints The Implementing an Integrated Threat Defense Solution (SECUR201) v1.2 course provides an analysis of the cybersecurity landscape with an emphasis on the importance of an integrated threat defense architecture. Through a combination of lessons and hands-on practice, you will learn to deploy and integrate Cisco©?s Integrated Threat Defense solutions which include: Cisco Identity Services Engine (ISE), Cisco Stealthwatch, Cisco Firepower NGFW, and Cisco AMP for Endpoints. This course provides you with the knowledge and skills to implement and integrate solution components with existing network services, integrate solution components with the pxGrid (Platform Exchange Grid) framework, integrate network and endpoint-based malware protection, and observation of security dataflow after the introduction of malware. Course Outline Integrated Threat Defense Introduction ITD Products Identity Services Engine Setup Integration of Stealthwatch with Identity Services Engine Integration of Firepower with Identity Services Engine Integration of Firepower with AMP for Endpoints Lab outline Connecting to the Lab Environment Integrating ISE and Active Directory Integrating ISE and Cisco Adaptive Security Appliance (ASA) Configuring pxGrid and Client Certificates Integrating Stealthwatch with Identity Services Engine Integrating Network Visibility Module (NVM) with AnyConnect Integrating Firepower with Identity Services Engine Integrating AMP for Endpoints with Firepower

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting This course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA). Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface

Duration 2 Days 12 CPD hours This course is intended for Network analysts Network investigators Cisco integrators and partners Overview After taking this course, you should be able to: Describe the stages of the network attack lifecycle and identify ITD solution platform placement based on a given stage Detail how to locate and mitigate email malware attacks Describe email phishing attacks and the steps taken to locate and mitigate them on the network Identify and mitigate data exfiltration threats on the network Identify malware threats on the network and mitigate those threats after investigation The Cisco Integrated Threat Defense Investigation and Mitigation (SECUR202) v1.0 course shows you how to identify, isolate, and mitigate network threats using the Cisco© Integrated Threat Defense solution platform. Through expert instruction and lab-based scenarios, you will be introduced to network threat investigation, and learn how to identify relationships between Cisco products and the stages of the attack lifecycle. This course is the second in a pair of courses (SECUR201) covering the Cisco Integrated Threat Defense (ITD) solution. Network Threat Investigation Introduction Network Attack Introduction Hunting Network Threats in the Enterprise Investigation and Mitigation of Email Malware Threats Examining Email Malware Threats Investigating and Verifying Email Malware Threat Mitigation Investigation and Mitigation of Email Phishing Threats Examining Email Phishing Attacks Configuring Cisco Email Security Appliance (ESA) for URL and Content Filtering Investigating and Verifying Email Phishing Threat Mitigation Investigation and Mitigation of Data Exfiltration Threats Exploiting Vulnerable Network Servers Investigating Data Exfiltration Threats Mitigating and Verifying Data Exfiltration Threats nvestigation and Mitigation of Malware Threats Examining Endpoint Malware Protection Investigating and Mitigating Endpoint Malware Threats