220 VPN courses

Duration 5 Days 30 CPD hours Overview Upon completing this course, you will be able to meet the following objectives: SD-WAN Overview Cloud Concepts Cloud Technologies SD-WAN Direct Cloud Access (DCA) SD-WAN SaaS Cloud On-RAMP for IAAS (AWS) Cloud On-RAMP for IAAS (AZURE) Cloud Configuration for GCP Cloud On-RAMP for MULTI-CLOUD Cloud On-RAMP for CO-LOCATIONS This is a 5 day hands-on course on Cisco SD-WAN Cloud Configuration, Monitoring and Troubleshooting. This course provides the student with the knowledge to connect SD-WAN to SaaS Applications, as well as the ability to connect their Branches to AWS, AZURE, GCP Data Centers in the Cloud. Students will also learn how to Configure, Monitor, and Troubleshoot SD-WAN Co-Locations and SD-WAN Multicloud. SD-WAN Overview SD-WAN Controller SD-WAN WAN Edges supported in Cloud Instances Cloud Concepts Cloud Ops vs WAN Ops Cloud Connectivity Cloud Access Control Cloud Network Connectivity Cloud Regions Cloud Availability Zones Virtual Networks Cloud Routing Internet Gateways VS VPN Gateways VPC/VNET: IP Addressing Cloud Network Load Balancing Cloud Peering Cloud Transit Networks Cloud Technologies Azure Azure Basics Resource Groups vNets Availability zones Availability Set Workload and Public IP Network Virtual Appliance Load Balancer User Defined Routes Network Security Group VPN Gateway Express Routes Creating VNET for SDWAN AWS AWS Basics Region VPCs Availability zones Subnets EC2 Instance Elastic IPs Security Groups Internet Gateway NAT Gateway Route Table VPN Gateway Direct Connect Elastic Load Balancer Subscribe to Amazon machine images Setting AWS resource limits AWS Transit Gateways Creating VPC for SDWAN AWS IAM Role AWS Security Groups Service limits AWS SSH key pair Google Cloud GCP Basics Project Region Virtual Private Cloud Availability Zone Subnets Compute Engine Cloud Load Balancer Cloud DNS VPC Routing Cloud VPN & VPC peering VPC Firewall Rules SD-WAN Direct Cloud Access (DCA) DCA Prerequisites DNS on VPN 0 DIA Central Policy Configuration Match Traffic Set QOS Set External Access SD-WAN SaaS Supported Platforms and Versions SaaS Prerequisites DNS on VPN 0 DIA SaaS Access Methods Cloud Access through Direct Internet Access Links Cloud Access through a Gateway Site Hybrid Approach Supported SaaS Applications SaaS Security Options SaaS Configuration Common Scenarios for Using Cloud onRamp for SaaS Specify Office 365 Traffic Category Enable Cloud onRamp for SaaS, Cisco IOS XE SD-WAN Devices Configure Applications for Cloud onRamp for SaaS Using Cisco vManage Configure Sites for Cloud onRamp for SaaS Using Cisco vManage View Details of Monitored Applications Cloud On-RAMP for IAAS (AWS) Prerequisite AWS Configuration Verify prerequisites Configure AWS for Cisco SD-WAN Cloud On-RAMP for AWS Overview Define WAN Edge Type used Define Template Attach Devices to Template Deploy Cloud Onramp AWS IAM Role Select Region Select CPU and Memory Transit Networking IP Addresses Discover and Map Host VPCs AWS to SD-WAN Security Monitor Cisco Cloud Onramp for AWS Troubleshoot Cisco Cloud Onramp for AWS Interconnecting Cisco SD-WAN with AWS Transit Gateway (TGW) Cloud On-RAMP for IAAS (AZURE) Prerequisite AZURE Configuration Cloud On-RAMP for AZURE Configure AWS for Cisco SD-WAN Define WAN Edge Type used Define Template Attach Devices to Template Deploy Cloud Onramp Select Region Discover and Map Host VPCs Monitor Cisco Cloud Onramp for Azure Troubleshoot Cisco Cloud Onramp for AZURE Azure Virtual Wan (VWAN) Integration Cloud Configuration for GCP Prerequisite GCP Configuration SD-WAN Configuration Configure Google Cloud for SD-WAN Google Cloud GCP Basics Deploy cEdge Catalyst 8000V Edges Setup IPSEC Connections Setup BGP Connections Cloud On-RAMP for MULTI-CLOUD AWS Transit Gateway Microsoft vWAN Create Cisco Cloud GW Discover host VPCs/VNets Map Branch nets to VPCs Cloud On-RAMP for CO-LOCATIONS SD-WAN CO-LOCATIONS Overview Colocation facilities Cisco Colocation Equipment Cisco Cloud Services Platform 5444 Cisco Network Function Virtualization Infrastructure Software (NFVIS) Virtual Network Functions Network Fabric Cisco Catalyst 9500-48Y4C switch Cisco Catalyst 9500-40X switch Device Configuration and Connectivity Sizing the Colocation Solution Devices Cisco Colocation Manager Deploy Network Services at the Network Edge Colocation Solution?Deployment Workflow Monitor Cisco SD-WAN Colocation Devices Cisco Colocation Manager States for Switch Configuration Cisco Colocation Manager States and Transitions from Host Cisco Colocation Manager Notifications VM Alarms Cloud Services Platform Real-Time Commands Colocation High Availability Troubleshoot Cisco SD-WAN Cloud onRamp for Colocation Solution Troubleshoot Catalyst 9500 Issues Troubleshoot Cloud Services Platform Issues DHCP IP Address Assignment Troubleshoot Cisco Colo Manager Issues Troubleshoot Service Chain Issues Troubleshoot Physical Network Function Management Issues Log Collection from CSP Troubleshoot vManage Issues Additional course details: Nexus Humans Cisco SD-WAN Cloud (SDWAN-CLD-CT) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco SD-WAN Cloud (SDWAN-CLD-CT) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is recommended for technical professionals who support, install, deploy or administer Check Point products. This course is recommended for technical professionals who perform advanced deployment configurations of Check Point products. Overview CCSA Know how to perform periodic administrator tasks. Describe the basic functions of the Gaia operating system. Recognize SmartConsole features, functions, and tools. Understand how SmartConsole is used by administrators to give user access. Learn how Check Point security solutions and products work and how they protect networks. Understand licensing and contract requirements for Check Point security products. Describe the essential elements of a Security Policy. Understand the Check Point policy layer concept. Understand how to enable the Application Control and URL Filtering software. Blades to block access to various applications. Describe how to configure manual and automatic NAT. Identify tools designed to monitor data, determine threats and recognize opportunities for performance improvements. Describe different Check Point Threat Prevention solutions for network attacks. Articulate how the Intrusion Prevention System is configured, maintained and tuned. Understand the Infinity Threat Prevention system. Knowledge about Check Point's IoT Protect. CCSE Provide an overview of the upgrade service and options available. Explain how to perform management upgrade and migration. Articulate the process using CPUSE features. Articulate the purpose and function of Management High Availability. Explain Primary vs Secondary, Active vs Standby and Synchronization. Explain disaster recovery steps in case the primary management server becomes unavailable. Provide overview of Central Deployment in SmartConsole. Articulate an understanding of Security Gateway cluster upgrade methods. Explain about Multi Version Cluster (MVC) upgrades. Discuss Gaia Commands and how they are used. Explain the main processes on s and s. Describe how to work with scripts and SmartTasks to configure automatic actions. Explain the Management Data Plane Separation (MDPS) Explain kernel operations and traffic flow Articulate Dynamic and Updatable Objects in Security Gateways Explain the policy installation flow and files used. Describe the use of policy installation history. Explain concurrent and accelerated install policy. Describe an overview of APIs and ways to use and authenticate. Explain how to make changes in GAIA and management configuration. Explain how to install policy using API. Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance. Learn basic concepts and develop skills necessary to administer IT security fundamental tasks. CCSA Outline Configure the Security Management Server. Use the WebUI to run the First Time Wizard. Install the Smart Console. Install the Alpha Gateway using the network detailed in the course topology. Demonstrate how the Security Management Server and Gateway communicate. Test SIC Status. Create multiple administrators and apply different roles and permissions for simultaneous administration. Validate existing licenses for products installed on the network. Create and configure host, network and group objects. Create a simplified Security Policy. Demonstrate how to use Security Zones in policy. Demonstrate how to share a layer between Security Polices. Configure Network Address Translation for server and network objects. Enable Identity Awareness. Deploy user access roles for more granular control of the security Policy. Generate network Traffic and use traffic visibility tools to monitor the data. Use SmartConsole and SmartView Monitor to view status, alerts, and block suspicious traffic. CCSE Outline Prepare for a Security Management Server Upgrade Upgrade the Security Management Server Deploy a Secondary Security Management Server Configure a Distributed Log Server Upgrade a Security Gateway from SmartConsole Work with the Command Line Use Scripts and SmartTasks Configure Dynamic Objects Monitor Traffic Verify Policy Installation and Status Work with Gaia and Management APIs Work with Acceleration Features Configure a Locally Managed Site to Site VPN Configure a Site to Site VPN with an Interoperable Device Configure Remote Access VPN Configure Mobile Access VPN Configure a High Availability Cluster Work with ClusterXL Configure Policy Compliance Deploy SmartEvent

IPsec training course description This hands on course focuses on IPsec VPNs. Rather than focusing on one implementation this course concentrates on the technologies and protocols of IPsec. Starting with an overview of the complete IPsec architecture the course then moves onto ESP packet analysis along with encryption and authentication provided. IKEv1 and IKEv2 are both covered in detail. Having covered IPsec with pre shared keys the course then moves onto IPsec with certificates followed by IPsec issues. The course is vendor neutral with hands on with both Cisco and Microsoft implementations. What will you learn Explain how IPsec works. Explain the role of AH, ESP and IKE. Configure IPsec. Troubleshoot IPsec. IPsec training course details Who will benefit: Technical staff working with IPsec. Prerequisites: Definitive IP VPNs for engineers. Duration 3 days IPsec training course contents What is IPsec? How to spell IPsec, IPsec is IP security, confidentiality, integrity, authenticity, replay protection, what is a VPN? Network layer security, IPsec and IPv4, IPsec and IPv6, the suite of protocols, the standard, IPsec RFCs, IPsec history. Hands on Analysis of 'normal' IP packets. IPsec architecture The IPsec protocols, AH vs ESP, Why two headers? transport mode, tunnel mode, Remote access VPNs, site to site VPNs, security associations, SA database, Security Parameters Index, implementations: Host tack, Bump in the Stack, Bump in the Wire. Hands on Configuring IPsec. AH What AH does, the stack, The AH header, What is authenticated? Device authentication. AH in transport mode, AH in tunnel mode. Hands on AH packet analysis. ESP What ESP does, the ESP header, ESP in transport mode, ESP in tunnel mode, ESP and SA, ESP and SPI. Hands on ESP packet analysis, policy configuration. IPsec encryption IPsec is a framework, standard algorithms, ESP keys, the role of IKE, key lifetimes, how IKE generates the keys, DES, 3DES, AES, cipher block chaining, counter mode, other encryption. Hands on Encryption configuration. IPsec authentication Authentication types, IPsec authentication, Authentication algorithms: MD5, keyed SHA-1, HMAC-MD5, HMAC-SHA-1, HMAC-RIPEMD, other authentication algorithms. Hands on Authentication configuration. IKE Internet Key Exchange, IKE and the SAD, the two phase negotiation, ISAKMP, ISAKMP header, pre shared keys, digital signatures, public key encryption, Diffie Hellman, proposals, counter proposals, nonces, identities, phase 1 negotiation: main mode, aggressive mode, base mode. Phase 2 negotiation: quick mode, new group mode. Hands on IKE packet analysis. More IKE PFS, IKE and dynamic addresses, XAUTH, hybrid authentication, CRACK, ULA, PIC. User level authentication. IKE renegotiation, heartbeats. Hands on Troubleshooting IPsec. IKEv2 The IKEv2 exchange, IKE_SA_INIT, IKE_AUTH, CREATE_CHILD_SA, IKEv2 packets, the informational exchange. Comparing IKev1 vs IKE v2. Hands on IKEv2 configuration and analysis. PKI What is PKI?, Digital certificates, Certificate authorities, CA servers, RA, VA, certificates, CA hierarchy, CRLs, certificate formats. Hands on installing and configuring certificate servers. IPsec issues NAT, IPsec overhead and fragmentation. Summary IPsec strengths and weaknesses. Where to get further information.

Duration 4 Days 24 CPD hours This course is intended for The primary audience for this course is system installers, system integrators, system administrators, network administrators, and solutions designers. Overview At the end of this course, you will be able to: Describe the NSO's transactional application framework and mapping model options Describe the Reactive Fastmap design pattern and the NSO Configuration Database (CDB) subscriber in the NSO Transaction model Simplify packages to remove the need for subscriber applications, scale orchestration solutions, and integrate NSO with external systems (east-west integration)Describe the Cisco ESC architecture and integration with NSO, and how the NSO VNF Orchestration (VNFO) Release 2 bundle interacts with ESC for orchestration This course explores how to create advanced services using the NSO application framework and Python scripting with both new and existing Layer 3 Multiprotocol Label Switching (MPLS) VPN services. Students will also learn how to manage and scale these services, and how to use NSO Network Functions Virtualization (NFV) orchestration features and Cisco Elastic Services Controller (ESC) to manage Virtualized Network Functions (VNFs). Cisco NSO Programmability NSO Application Framework NSO Python Scripting NSO Python and Template-Based Services Resources Augmenting Cisco NSO Service Service Lifecycle and Integration Options Overview Greenfield Layer 3 MPLS VPN Service Brownfield Layer 3 MPLS VPN Service Managed Services Managed Services Overview Stacked Service Design Overview Design-Managed Network Services Scaling Service Orchestration Cisco NSO Network Functions Virtualization (NFV) Orchestration ETSI MANO Cisco ESC Cisco NSO Orchestration Additional course details: Nexus Humans Cisco Network Services Orchestrator Advanced Design (NSO300) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Network Services Orchestrator Advanced Design (NSO300) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Jamf training course, Jamf 370

Duration 5 Days 30 CPD hours This course is intended for Experienced system administrators and network administrators Network and security professionals who work with enterprise and data center networks Overview By the end of the course, you should be able to meet the following objectives: Use the native tools available in NSX-T Data Center to identify and troubleshoot the problems related to the NSX-T Data Center environment Use VMware vRealize Log Insight™ and VMware vRealize Network Insight™ to identify and troubleshoot the problems related to the NSX-T Data Center environment Explain the NSX-T Data Center infrastructure components and the communications between them Identify, analyze, and troubleshoot problems related to the management, control, and data planes in NSX-T Data Center Identify, analyze, and troubleshoot problems related to infrastructure preparation in NSX-T Data Center Identify, analyze, and troubleshoot problems related to logical switching and logical routing in NSX-T Data Center Identify, analyze, and troubleshoot network security problems related to the NSX-T Data Center Distributed and Gateway firewalls Identify, analyze, and troubleshoot problems related to VPN and the VMware NSX Advanced Load Balancer™ Identify the components and packet flows involved in the NSX-T Data Center datapath and troubleshoot related problems This five-day, hands-on training course provides the advanced knowledge, skills, and tools to achieve competency in operating and troubleshooting the VMware NSX-T? Data Center environment. In this course, you are introduced to workflows of various networking and security constructs along with several operational and troubleshooting tools that help you manage and troubleshoot your NSX-T Data Center environment.In addition, you are presented with various types of technical problems, which you will identify, analyze, and solve through a systematic process. Course Introduction Introduction and course logistics Course objectives NSX-T Data Center Operations and Tools Explain and validate the native troubleshooting tools (dashboards, Traceflow, live traffic analysis, port mirroring) for the NSX-T Data Center environment Configure syslog, IPFIX, and log collections for the NSX-T Data Center environment Integrate NSX-T Data Center with vRealize Log Insight and vRealize Network Insight Validate and review the API methods available to configure the NSX-T Data Center environment Troubleshooting the NSX Management Cluster Describe the NSX Management cluster architecture, components, and communication channels Identify the workflows involved in configuring the NSX Management cluster Validate and troubleshoot the NSX Management cluster formation Troubleshooting Infrastructure Preparation Describe the data plane architecture, components, and communication channels Explain and troubleshoot VMware ESXi? transport node preparation issues Explain and troubleshoot KVM transport node preparation issues Explain and troubleshoot VMware NSX© Edge? transport node preparation issue Troubleshooting Logical Switching Describe the architecture of logical switching List the modules and processes involved in configuring logical switching Explain the importance of N-VDS and VDS in transport nodes Describe the procedure to migrate from N-VDS to VDS Review the architecture and workflows involved in attaching workloads to segments Identify and troubleshoot common logical switching issues Troubleshooting Logical Routing Review the architecture of logical routing and NSX Edge nodes Explain the workflows involved in the configuration of Tier-0 and Tier-1 gateways Explain the high availability modes and validate logical router placements Identify and troubleshoot common logical routing issues using both BGP and OSPF Troubleshooting Security Review the architecture of the Distributed Firewall Explain the workflows involved in configuring the Distributed Firewall Review the architecture of the Gateway Firewall Explain the workflows involved in configuring the Gateway Firewall Identify and troubleshoot common distributed firewall and Gateway Firewall issues Troubleshooting the NSX Advanced Load Balancer and VPN Services Review the NSX Advanced Load Balancer architecture and components Identify and troubleshoot common NSX Advanced Load Balancer issues Review of IPsec and L2 VPN architecture and components Identify and troubleshoot common IPsec and L2 VPN issues Datapath Walkthrough Verify and validate the path of the packet on the NSX datapath (East-West and South-North) Identify and perform packet captures at various points in the datapath Use NSX CLI and native hypervisor commands to retrieve configurations involved in the NSX datapath

Take your basic cyber security knowledge to a new level with this exciting course that promises to be educational, informative, and fun-filled. Build upon a basic foundation in cyber security with a strong focus on networking, privacy and anonymity, malware, email security, backups and encryption, and Windows 10 Hardening.

Duration 5 Days 30 CPD hours This course is intended for The primary audience for this course is as follows - IT Staff and Managers - Network and systems personnel and engineers - Small to mid-sized organizations that require fundamental knowledge on networking terms/concepts and configuration guidance for Meraki equipment This also includes organizations looking to implement remote sites, provide a guest wireless solution, and collect user analytics Overview Upon completing this course, the student will be able to meet these objectives: Students will be able to Deploy and Manage a Meraki Network using the Meraki Dashboard - Deploy, Manage, Monitor and Troubleshoot Meraki MS Switches - Deploy, Manage, Monitor and Troubleshoot Meraki MR Wireless Access Points - Deploy, Manage, Monitor and Troubleshoot Meraki MX Firewall Appliances - Deploy, Manage, Monitor and Troubleshoot Meraki MV IP Video Cameras - Deploy, Manage, Monitor and Troubleshoot Meraki MC Phones - Deploy, Manage, Monitor and Troubleshoot Meraki Systems Manager - Deploy, Manage, Monitor and Troubleshoot Meraki SDWAN This course familiarizes individuals with networking concepts and demonstrates how to effectively use Meraki products to build a comprehensive network Cisco/Meraki Product Line Introduction MS - Switching MR - Wireless LAN MX - Security MV ? Camera MC - Voice SD-WAN Cisco/Meraki Cloud Management Introduction to cloud management The dashboard and navigation Organizations & Networks ? what is the difference and how to use them System-wide parameters (organization parameters) Cisco/Meraki Dashboard Administration Creating and implementing maps Summary Report and Auto Generation Reports Adding administrators and tweaking security levels Using Tags and Configuring Alerting (SNMP, email) Adding admins, configuring reports, and alerts Firmware Management Configuring Authentication Lab 1 Lab 2 Configuring external authentication Configuring Group Policies Device Replacement Location Analytics Other advanced analytics Cisco/Meraki Switching Review switching basics Review Meraki L2 Switch Models Configuring Meraki Switches Troubleshooting / Diagnostics Lab 3 Cisco/Meraki Routing Review routing basic (IP Addresses, Networks and Masks, OSPF, etc.) Review Meraki L3 switch Models Configuring Meraki Switches for Routing Lab 4 Cisco/Meraki Wireless Review Wireless Basics Meraki Wireless Product Review Performing a Site Survey Configuring Access Points Lab 5 Cisco/Meraki Firewalls/Security Review firewall basics Meraki Firewall Model Review Configuring a Meraki Firewall Lab 6 IP Cameras MV21 vs MV71 Installing Cameras Adding Cameras to the Dashboard Managing MV Cameras Troubleshooting Cameras Lab 7 Meraki Communications QOS Voice Security Deploying Meraki MC74 Phones Deploying Cisco IP Phones to CUCM Deploying Voice Features End User Lab 8 Meraki Systems Manager Controlling Wireless Device Policies Enrolling Devices Apps Profiles Tags Security Policies Geofencing Policies Lab 9 Meraki SDWAN What is SD-WAN? Concentrator Mode VPN Topology Split Tunnel Full Tunnel Hub and Spoke VPN Mesh Datacenter Redundancy (DC-DC Failover) Warm Spare (High Availability) for VPN concentrators Connection Monitor Dual-Active VPN uplinks Policy-based Routing Dynamic Path Selection SD-WAN Objectives Example Topology High Level Traffic Flow SD-WAN Technologies Deploying a one-armed concentrator Dashboard Configuration Other Datacenter Configuration MX IP Assignment Upstream Considerations Datacenter Redundancy (DC-DC Failover) High-level architecture Failover Times Datacenter Deployment Branch Deployment Lab 10 Meraki Support Getting support for Meraki Finding the Right Documentation Posting in the Community Troubleshooting Meraki Connectivity Issues Resetting Devices. Additional course details: Nexus Humans Implementing and Configuring Meraki Technologies v1.0 (ICMT - CT) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Implementing and Configuring Meraki Technologies v1.0 (ICMT - CT) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course is for Azure Security Engineers who are planning to take the associated certification exam, or who are performing security tasks in their day-to-day job. This course would also be helpful to an engineer that wants to specialize in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data. This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organization?s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications, and security operations. Prerequisites AZ-104T00 - Microsoft Azure Administrator Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model. Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods. Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information. Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI. 1 - Manage identities in Microsoft Entra ID Secure users in Microsoft Entra ID Secure groups in Microsoft Entra ID Recommend when to use external identities Secure external identities Implement Microsoft Entra Identity protection 2 - Manage authentication by using Microsoft Entra ID Configure Microsoft Entra Verified ID Implement multifactor authentication (MFA) Implement passwordless authentication Implement password protection Implement single sign-on (SSO) Integrate single sign-on (SSO) and identity providers Recommend and enforce modern authentication protocols 3 - Manage authorization by using Microsoft Entra ID Configure Azure role permissions for management groups, subscriptions, resource groups, and resources Assign built-in roles in Microsoft Entra ID Assign built-in roles in Azure Create and assign a custom role in Microsoft Entra ID Implement and manage Microsoft Entra Permissions Management Configure Microsoft Entra Privileged Identity Management Configure role management and access reviews by using Microsoft Entra Identity Governance Implement Conditional Access policies 4 - Manage application access in Microsoft Entra ID Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants Manage app registrations in Microsoft Entra ID Configure app registration permission scopes Manage app registration permission consent Manage and use service principals Manage managed identities for Azure resources Recommend when to use and configure a Microsoft Entra Application Proxy, including authentication 5 - Plan and implement security for virtual networks Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs) Plan and implement User-Defined Routes (UDRs) Plan and implement Virtual Network peering or gateway Plan and implement Virtual Wide Area Network, including secured virtual hub Secure VPN connectivity, including point-to-site and site-to-site Implement encryption over ExpressRoute Configure firewall settings on PaaS resources Monitor network security by using Network Watcher, including NSG flow logging 6 - Plan and implement security for private access to Azure resources Plan and implement virtual network Service Endpoints Plan and implement Private Endpoints Plan and implement Private Link services Plan and implement network integration for Azure App Service and Azure Functions Plan and implement network security configurations for an App Service Environment (ASE) Plan and implement network security configurations for an Azure SQL Managed Instance 7 - Plan and implement security for public access to Azure resources Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management Plan, implement, and manage an Azure Firewall, Azure Firewall Manager and firewall policies Plan and implement an Azure Application Gateway Plan and implement an Azure Front Door, including Content Delivery Network (CDN) Plan and implement a Web Application Firewall (WAF) Recommend when to use Azure DDoS Protection Standard 8 - Plan and implement advanced security for compute Plan and implement remote access to public endpoints, Azure Bastion and just-in-time (JIT) virtual machine (VM) access Configure network isolation for Azure Kubernetes Service (AKS) Secure and monitor AKS Configure authentication for AKS Configure security for Azure Container Instances (ACIs) Configure security for Azure Container Apps (ACAs) Manage access to Azure Container Registry (ACR) Configure disk encryption, Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption Recommend security configurations for Azure API Management 9 - Plan and implement security for storage Configure access control for storage accounts Manage life cycle for storage account access keys Select and configure an appropriate method for access to Azure Files Select and configure an appropriate method for access to Azure Blob Storage Select and configure an appropriate method for access to Azure Tables Select and configure an appropriate method for access to Azure Queues Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage Configure Bring your own key (BYOK) Enable double encryption at the Azure Storage infrastructure level 10 - Plan and implement security for Azure SQL Database and Azure SQL Managed Instance Enable database authentication by using Microsoft Entra ID Enable and monitor database audit Identify use cases for the Microsoft Purview governance portal Implement data classification of sensitive information by using the Microsoft Purview governance portal Plan and implement dynamic mask Implement transparent data encryption? Recommend when to use Azure SQL Database Always Encrypted 11 - Plan, implement, and manage governance for security Create, assign, and interpret security policies and initiatives in Azure Policy Configure security settings by using Azure Blueprint Deploy secure infrastructures by using a landing zone Create and configure an Azure Key Vault Recommend when to use a dedicated Hardware Security Module (HSM) Configure access to Key Vault, including vault access policies and Azure Role Based Access Control Manage certificates, secrets, and keys Configure key rotation Configure backup and recovery of certificates, secrets, and keys 12 - Manage security posture by using Microsoft Defender for Cloud Implement Microsoft Defender for Cloud Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory Assess compliance against security frameworks and Microsoft Defender for Cloud Add industry and regulatory standards to Microsoft Defender for Cloud Add custom initiatives to Microsoft Defender for Cloud Connect hybrid cloud and multicloud environments to Microsoft Defender for Cloud Identify and monitor external assets by using Microsoft Defender External Attack Surface Management 13 - Configure and manage threat protection by using Microsoft Defender for Cloud Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, Resource Manager, and DNS Configure Microsoft Defender for Servers Configure Microsoft Defender for Azure SQL Database Manage and respond to security alerts in Microsoft Defender for Cloud Configure workflow automation by using Microsoft Defender for Cloud Evaluate vulnerability scans from Microsoft Defender for Server 14 - Configure and manage security monitoring and automation solutions Monitor security events by using Azure Monitor Configure data connectors in Microsoft Sentinel Create and customize analytics rules in Microsoft Sentinel Configure automation in Microsoft Sentinel Additional course details: Nexus Humans AZ-500T00 Microsoft Azure Security Technologies training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AZ-500T00 Microsoft Azure Security Technologies course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

CCNA training course description The Implementing and Administering Cisco Solutions (CCNA) course gives you a broad range of fundamental knowledge for all IT careers. Through a combination of lecture, hands-on labs, and self-study, you will learn how to install, operate, configure, and verify basic IPv4 and IPv6 networks. The course covers configuring network components such as switches, routers, and wireless LAN controllers; managing network devices; and identifying basic security threats. It also gives a foundation in network programmability, and software-defined networking What will you learn Install, configure, and operate a small to medium sized network Gain a foundation in the essentials of networking, security, and automation Prepare for the 200-301 CCNA exam, which earns CCNA certification CCNA training course details Who will benefit: Network support help desk technicians involved in the basic installation, operation, and verification of Cisco networks. Anyone seeking CCNA certification. Prerequisites: Introduction to Data communications & networking Duration 5 days CCNA training course content After taking this course, you should be able to: Identify the components of a computer network and describe their basic characteristics. Understand the model of host-to-host communication. Describe the Cisco IOS software. Describe LANs and the role of switches within LANs. Describe Ethernet and describe the operation of switches. Install a switch and perform the initial configuration. Describe the TCP/IP Internet layer, IPv4, its addressing scheme, and subnetting. Describe the TCP/IP Transport and Application layers Explore functions of routing. Implement basic configuration on a Cisco router. Explain host-to-host comms across switches and routers. Identify and resolve common switched network issues and common problems associated with IPv4 addressing. Describe IPv6 main features and addresses, and configure and verify basic IPv6 connectivity. Describe static routing. Describe, implement, and verify VLANs and trunks. Describe inter VLAN routing. Explain the basics of dynamic routing protocols and describe components and terms of OSPF. Explain how STP and RSTP work. Configure link aggregation using EtherChannel. Describe the purpose of Layer 3 redundancy protocols. Describe basic WAN and VPN concepts. Describe the operation of access control lists (ACLs) and their applications in the network. Configure Internet access using DHCP clients and explain and configure NAT on Cisco routers. Describe basic QoS concepts. Describe the concepts of wireless networks, which types of wireless networks can be built, and how to use Wireless LAN Controllers (WLCs). Describe network and device architectures, introduce virtualization, network programmability and SDN and describe smart network management solutions such as Cisco DNA Center™, SD-Access, and SD-WAN. Configure basic IOS system monitoring tools. Describe the management of Cisco devices. Describe the current security threat landscape. Describe threat defence technologies. Implement a basic security configuration of the device management plane. Implement basic steps to harden network devices. Detailed course outline Exploring the Functions of Networking. The Host-to-Host Communications Model. Operating Cisco IOS Software. Introducing LANs. Exploring the TCP/IP Link Layer. Starting a Switch. The TCP/IP IP layer, IPv4 Addressing, and Subnets. The TCP/IP Transport Layer and Application Layer. Exploring the Functions of Routing. Configuring a Cisco Router. Exploring the Packet Delivery Process. Troubleshooting a Simple Network. Introducing Basic IPv6. Configuring Static Routing. Implementing VLANs and Trunks. Routing Between VLANs. Introducing OSPF. Redundant Switched Topologies with EtherChannel. Explaining Basics of ACL. Enabling Internet Connectivity. Explaining the Evolution of Intelligent Networks. Introducing System Monitoring. Managing Cisco Devices. Securing Administrative Access. Implementing Device Hardening. Self-Study: Building Redundant Switched Topologies. Exploring Layer 3 Redundancy. Introducing WAN Technologies. Introducing QoS. Explaining Wireless Fundamentals. Introducing Architectures and Virtualization. Examining the Security Threat Landscape. Threat Defense Technologies.