143 Courses

Duration 0.5 Days 3 CPD hours This course is intended for Security EngineersNetwork Engineers Overview This course is intended to provide a top-level overview of Palo Alto Networks© Traps? Endpoint protection product. Upon completion of the class the student will be able to understand these principles: Explain the core technologies of Traps? and how it differs from traditional signature recognition technologies. Understand the advantages of these technologies over existing solutions. Understand Traps? product architecture and deployment requirements. Installation requirements for Traps? installations. Deploy Exploit Prevention Module defenses to endpoints with Policies. Deploy Malware Protection defenses to endpoints. Provide Application Execution Control in conjunction with WildFire?. Understand deployment strategies and tactics for Workstations, VDI and Server endpoints. Gather and analyze Security Event reports and forensics. Foundation classes are just introductory trainings, NOT a full technical training. Compromise isn?t inevitable, or, at least, it shouldn?t be. Traditional endpoint protection simply cannot keep up with the rapidly evolving threat landscape, leaving organizations vulnerable to advanced attacks. A new approach is needed, one that can rebuild confidence in endpoint security. This new approach needs to prevent advanced attacks originating from executables, data files or network-based exploits ? known and unknown ? before any malicious activity could successfully run. Palo Alto Networks© call this ?advanced endpoint protection.? By focusing on the attacker?s core techniques and putting up barriers to mitigate them, the attacker?s path for exploitation becomes known, even when the attack isn?t. Traps? focuses on the core techniques leveraged by exploits in advanced cyberattacks and renders these techniques ineffective by breaking the exploit sequence and blocking the technique the moment it is attempted. IntroductionThe Traps? technology alternative to endpoint defenseTraps? Exploit and Malware protectionTraps? Product ArchitectureTraps? DeploymentTraps? Exploit Policy ManagementTraps? Malware Protection PoliciesTraps? ForensicsPractical Traps? Implementation considerations Additional course details: Nexus Humans Palo Alto Networks - Foundations of Palo Alto Networks Traps Endpoint protection (EDU-180) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks - Foundations of Palo Alto Networks Traps Endpoint protection (EDU-180) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for Security Engineers Network Engineers Support staff Overview This course is intended to provide an understanding of Palo Alto Networks Next-Generation firewall technologies enable the student to perform a basic installation of Palo Alto Networks Next-Generation firewalls. Upon completion of this course, students will be able to: Explain the features and advantages of the Palo Alto Networks next-generation firewall architecture Understand the capabilities of App-ID, Content-ID, and User-ID Perform the basic configuration of the firewall including: Interfaces and virtual routers NAT Policies Security zones Objects Security policies Content security profiles View logs and basic reports This course was formerly named Palo Alto Networks Foundations of Next Generation Firewalls (EDU-150). ** Our foundation classes are just introductory trainings, NOT a full technical training. Your network has expanded beyond your organization\'s boundaries. Cloud locations and remote users (often using personal devices) have \'distributed\' the surface you need to both enable and protect.At the same time, the motivations of attackers and their sophistication have continued to evolve.Palo Alto Networks' next-generation firewalls are all based on a consistent Single-Pass Architecture, enabling security capability that is unique in the industry. This architecture is implemented in a portfolio of both physical and virtual appliances, designed to cover a range of performance and use case requirements.Features and management are consistent across the portfolio. Integration with GlobalProtect? mobile security service extends policy-based security to mobile devices (whether on-premises or remote). Integration with our threat intelligence services keeps information up to date for the firewall (e.g., URL categories, threat signatures). WildFire? cloud-based malware analysis environment integration supports a rapid \'feedback loop\' that enables the firewall to stop advanced threats throughout the attack lifecycle. Course Outline Module 0: Introduction Module 1: Platforms & Architecture Module 2: Getting Started Module 3: Basic Administration Module 4: Connectivity Module 5: Security Module 6: Logging & Reporting Additional course details: Nexus Humans Palo Alto Networks : Strata Foundations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks : Strata Foundations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for This course is intended for: Solutions architects, security DevOps, and security engineers Overview In this course, you will learn to: Establish a landing zone with AWS Control Tower Configure AWS Organizations to create a multi-account environment Implement identity management using AWS Single Sign-On users and groups Federate access using AWS SSO Enforce policies using prepackaged guardrails Centralize logging using AWS CloudTrail and AWS Config Enable cross-account security audits using AWS Identity and Access Management (IAM) Define workflows for provisioning accounts using AWS Service Catalog and AWS Security Hub Security is foundational to AWS. Governance at scale is a new concept for automating cloud governance that can help companies retire manual processes in account management, budget enforcement, and security and compliance. By automating common challenges, companies can scale without inhibiting agility, speed, or innovation. In addition, they can provide decision makers with the visibility, control, and governance necessary to protect sensitive data and systems.In this course, you will learn how to facilitate developer speed and agility, and incorporate preventive and detective controls. By the end of this course, you will be able to apply governance best practices. Course Introduction Instructor introduction Learning objectives Course structure and objectives Course logistics and agenda Module 1: Governance at Scale Governance at scale focal points Business and Technical Challenges Module 2: Governance Automation Multi-account strategies, guidance, and architecture Environments for agility and governance at scale Governance with AWS Control Tower Use cases for governance at scale Module 3: Preventive Controls Enterprise environment challenges for developers AWS Service Catalog Resource creation Workflows for provisioning accounts Preventive cost and security governance Self-service with existing IT service management (ITSM) tools Module 4: Detective Controls Operations aspect of governance at scale Resource monitoring Configuration rules for auditing Operational insights Remediation Clean up accounts Module 5: Resources Explore additional resources for security governance at scale Additional course details: Nexus Humans AWS Security Governance at Scale training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AWS Security Governance at Scale course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Network security engineers Network security architects ISE administrators Senior Security Operations Center (SOC) personnel responsible for Incidence Response Cisco integrators and partners Overview After taking this course, you should be able to: Describe the Cisco Identity Services Engine (ISE) Explain Cisco ISE deployment Describe Cisco ISE policy enforcement components Describe Cisco ISE policy configuration Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support Configure guest access Configure hotspots and guest portals Describe the Cisco ISE profiler services Describe profiling best practices and reporting Configure a Cisco ISE BYOD solution Configure endpoint compliance Configure client posture services Configure Cisco ISE device administration Describe Cisco ISE TrustSec configurations The Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 course teaches you to deploy and use Cisco© Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and apply Cisco ISE capabilities to support use cases for Zero Trust security posture. These use cases include tasks such as policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and Terminal Access Controller Access Control Server (TACACS+) device administration. Through hands-on practice via lab exercises, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency. This course helps you prepare to take the Implementing and Configuring Cisco Identity Services Engine (300-715 SISE) exam, which leads to CCNP© Security and the Cisco Certified Specialist - Security Identity Management Implementation certifications. This course also earns you 40 Continuing Education (CE) credits toward recertification Course Outline Introducing Cisco ISE Architecture Introducing Cisco ISE Deployment Introducing Cisco ISE Policy Enforcement Components Introducing Cisco ISE Policy Configuration Troubleshooting Cisco ISE Policy and Third-Party NAD Support Introducing Web Authentication and Guest Services Configuring Hotspots and Guest Portals Introducing the Cisco ISE Profiler Introducing Profiling Best Practices and Reporting Configuring Cisco ISE BYOD Introducing Cisco ISE Endpoint Compliance Services Configuring Client Posture Services and Compliance Working With Network Access Devices Exploring Cisco TrustSec Additional course details: Nexus Humans Cisco Implementing and Configuring Cisco Identity Services Engine v4.0 (SISE) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Implementing and Configuring Cisco Identity Services Engine v4.0 (SISE) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting This course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA). Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface

Duration 3 Days 18 CPD hours This course is intended for This course is designed for the following roles: Network engineers Network security engineers Network architects Sales/presales engineers Overview After taking this course, you should be able to: Describe Cisco SD-WAN security functions and deployment options Understand how to deploy on-premises threat prevention Describe content filtering options Implement secure Direct Internet Access (DIA) Explain and implement service chaining Explore Secure Access Service Edge (SASE) and identify use cases Describe Cisco Umbrella Secure Internet Gateway (SIG) and deployment options Implement Cisco Umbrella SIG and Domain Name System (DNS) policies Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365) Describe how to use Cisco ThousandEyes to monitor cloud services Configure Cisco ThousandEyes to monitor Microsoft 365 applications Examine how to protect and optimize access to the Software as a Service (SaaS) application with Cisco SD-WAN Cloud OnRamp Describe and deploy Cloud OnRamp for multi-cloud, including interconnect and colocation use cases Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS) v1.0 course is an advanced training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application-aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and Transport Layer Security (TLS) or Secure Socket Layer (SSL) decryption. You will also learn about cloud integration with multiple cloud service providers across multiple use cases. Additionally, the course labs will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows. The course lab environment is built using Cisco Catalyst 8000v IOS XE routers and Cisco SD-WAN 20.7 code, and it includes the integration of Cisco FirePOWER Threat Defense for network security and Cisco ThousandEyes for network monitoring. The course will allow you to earn 24 Continuing Education (CE) credits toward recertification. Course Outline Introducing Cisco SD-WAN Security Deploying On-Premises Threat Prevention Examining Content Filtering Exploring Cisco SD-WAN Dedicated Security Options Examining Cisco SASE Exploring Cisco Umbrella SIG Securing Cloud Applications with Cisco Umbrella SIG Exploring Cisco SD-Wan ThousandEyes Optimizing SaaS Applications Connecting Cisco SD-WAN to Public Cloud Examining Cloud Interconnect Solutions Exploring Cisco Cloud OnRamp for Colocation Monitoring Cisco SD-WAN Cloud and Security Solutions Additional course details: Nexus Humans Cisco SD-WAN Security and Cloud Onboarding v1.0 (SDWSCS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco SD-WAN Security and Cloud Onboarding v1.0 (SDWSCS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for System administrators, IT security administrators, IT security engineers, and other professionals responsible for designing, implementing, maintaining, and managing the security of Red Hat Enterprise Linux systems and ensuring their compliance with the organization's security policies. Be a Red Hat Certified Engineer (RHCE©), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience. Overview Students that complete this course should be able to demonstrate these skills: - Analyze and remediate system compliance using OpenSCAP and SCAP Workbench, employing and customizing baseline policy content provided with Red Hat Enterprise Linux. - Monitor security-relevant activity on your systems with the kernel's audit infrastructure. - Explain and implement advanced SELinux techniques to restrict access by users, processes, and virtual machines. - Confirm the integrity of files and their permissions with AIDE. - Prevent unauthorized USB devices from being used with USBGuard. - Protect data at rest but provide secure automatic decryption at boot using NBDE. - Proactively identify risks and misconfigurations of systems and remediate them with Red Hat Insights. - Analyze and remediate compliance at scale with OpenSCAP, Red Hat Insights, Red Hat Satellite, and Red Hat Ansible Tower. This course is ideal for security administrators and system administrators who need to manage the secure operation of servers running Red Hat© Enterprise Linux©, whether deployed on physical hardware, as virtual machines, or as cloud instances. Maintaining security of computing systems is a process of managing risk through the implementation of processes and standards backed by technologies and tools. In this course, you will discover and understand the resources that can be used to help you implement and comply with your security requirements. This course is based on Red Hat Enterprise Linux 7.5, Red Hat Satellite 6.3, Red Hat Ansible© Engine 2.5, Red Hat Ansible Tower 3.2, and Red Hat Insights. 1 - MANAGE SECURITY AND RISK Define strategies to manage security on Red Hat Enterprise Linux servers. 2 - AUTOMATE CONFIGURATION AND REMEDIATION WITH ANSIBLE Remediate configuration and security issues with Ansible Playbooks. 3 - PROTECT DATA WITH LUKS AND NBDE Encrypt data on storage devices with LUKS and use NBDE to manage automatic decryption when servers are booted. 4 - RESTRICT USB DEVICE ACCESS Protect system from rogue USB device access with USBGuard. 5 - CONTROL AUTHENTICATION WITH PAM Manage authentication, authorization, session settings, and password controls by configuring pluggable authentication modules (PAMs). 6 - RECORD SYSTEM EVENTS WITH AUDIT Record and inspect system events relevant to security, using the Linux kernel's audit subsystem and supporting tools. 7 - MONITOR FILE SYSTEM CHANGES Detect and analyze changes to a server's file systems and their contents using AIDE. 8 - MITIGATE RISK WITH SELINUX Improve security and confinement between processes by using SELinux and advanced SELinux techniques and analyses. 9 - MANAGE COMPLIANCE WITH OPENSCAP Evaluate and remediate a server's compliance with security policies by using OpenSCAP. 10 - AUTOMATE COMPLIANCE WITH RED HAT SATELLITE Automate and scale your ability to perform OpenSCAP checks and remediate compliance issues using Red Hat Satellite. 11 - ANALYZE AND REMEDIATE ISSUES WITH RED HAT INSIGHTS Identify, detect, and correct common issues and security vulnerabilities with Red Hat Enterprise Linux systems by using Red Hat Insights. 12 - PERFORM A COMPREHENSIVE REVIEW Review the content covered in this course by completing hands-on review exercises. Additional course details: Nexus Humans Red Hat Security - Linux in Physical, Virtual, and Cloud (RH415) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Red Hat Security - Linux in Physical, Virtual, and Cloud (RH415) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course is open to engineers, administrators, and security-minded users of public, private, and hybrid cloud infrastructures responsible for implementing security in cloud environments: Security architects Cloud architects Security engineers Cloud engineers System engineers Cisco integrators and partners Overview After taking this course, you should be able to: Contrast the various cloud service and deployment models. Implement the Cisco Security Solution for SaaS using Cisco Cloudlock Micro Services. Deploy cloud security solutions using Cisco AMP for Endpoints, Cisco Umbrella, and Cisco Cloud Email Security. Define Cisco cloud security solutions for protection and visibility using Cisco virtual appliances and Cisco Stealthwatch Cloud. Describe the network as a sensor and enforcer using Cisco Identity Services Engine (ISE), Cisco Stealthwatch Enterprise, and Cisco TrustSec. Implement Cisco Firepower NGFW Virtual (NGFWv) and Cisco Stealthwatch Cloud to provide protection and visibility in AWS environments. Explain how to protect the cloud management infrastructure by using specific examples, defined best practices, and AWS reporting capabilities. This course shows you how to implement Cisco© cloud security solutions to secure access to the cloud, workloads in the cloud, and software as a service (SaaS) user accounts, applications, and data. This course covers usage of Cisco Cloudlock, Cisco Umbrella?, Cisco Cloud Email Security, Cisco Advanced Malware Protection (AMP) for Endpoints, Cisco Stealthwatch© Cloud and Enterprise, Cisco Firepower© NGFW (next-generation firewall), and more. Introducing the Cloud and Cloud Security Describe the Evolution of Cloud Computing Explain the Cloud Service Models Explore the Security Responsibilities Within the Infrastructure as a Service (IaaS) Service Model Explore the Security Responsibilities Within the Platform as a Service (PaaS) Service Model Explore the Security Responsibilities Within the SaaS Service Model Describe Cloud Deployment Models Describe Cloud Security Basics Implementing the Cisco Security Solution for SaaS Access Control Explore Security Challenges for Customers Using SaaS Describe User and Entity Behavior Analytics, Data Loss Prevention (DLP), and Apps Firewall Describe Cloud Access Security Broker (CASB) Describe Cisco CloudLock as the CASB Describe OAuth and OAuth Attacks Deploying Cisco Cloud-Based Security Solutions for Endpoints and Content Security Describe Cisco Cloud Security Solutions for Endpoints Describe AMP for Endpoints Architecture Describe Cisco Umbrella Describe Cisco Cloud Email Security Design Comprehensive Endpoint Security Introducing Cisco Security Solutions for Cloud Protection and Visibility Describe Network Function Virtualization (NFV) Describe Cisco Secure Architectures for Enterprises (Cisco SAFE) Describe Cisco NGFWv/Cisco Firepower Management Center Virtual Describe Cisco ASAv Describe Cisco Services Router 1000V Describe Cisco Stealthwatch Cloud Describe Cisco Tetration Cloud Zero-Trust Model Describing the Network as the Sensor and Enforcer Describe Cisco Stealthwatch Enterprise Describe Cisco ISE Functions and Personas Describe Cisco TrustSec Describe Cisco Stealthwatch and Cisco ISE Integration Describe Cisco Encrypted Traffic Analytics (ETA) Implementing Cisco Security Solutions in AWS Explain AWS Security Offerings Describe AWS Elastic Compute Cloud (EC2) and Virtual Private Cloud (VPC) Discover Cisco Security Solutions in AWS Explain Cisco Stealthwatch Cloud in AWS Describing Cloud Security Management Describe Cloud Management and APIs Explain API Protection Illustrate an API Example: Integrate to ISE Using pxGrid Identify SecDevOps Best Practices Illustrate a Cisco Cloud Security Management Tool Example: Cisco Defense Orchestrator Illustrate a Cisco Cloud Security Management Tool Example: Cisco CloudCenter? Describe Cisco Application Centric Infrastructure (ACI) Describe AWS Reporting Tools Additional course details: Nexus Humans Cisco Securing Cloud Deployments with Cisco Technologies v1.0 (SECCLD) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Securing Cloud Deployments with Cisco Technologies v1.0 (SECCLD) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more. Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface References Comparing Cisco WSA Models Comparing Cisco SMA Models Overview of Connect, Install, and Configure Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks Connecting to the Cisco Web Security Virtual Appliance Enabling Layer 4 Traffic Monitor (L4TM) Accessing and Running the System Setup Wizard Reconnecting to the Cisco Web Security Appliance High Availability Overview Hardware Redundancy Introducing Common Address Redundancy Protocol (CARP) Configuring Failover Groups for High Availability Feature Comparison Across Traffic Redirection Options Architecture Scenarios When Deploying Cisco AnyConnect© Secure Mobility Additional course details: Nexus Humans SWSA v3.0-Securing the Web with Cisco Web Security Appliance training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the SWSA v3.0-Securing the Web with Cisco Web Security Appliance course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for Security engineers Security administrators Security architects Operations engineers Network engineers Network administrators Network or security technicians Network managers System designers Cisco integrators and partners Overview After taking this course, you should be able to: Describe and administer the Cisco Email Security Appliance (ESA) Control sender and recipient domains Control spam with Talos SenderBase and anti-spam Use anti-virus and outbreak filters Use mail policies Use content filters Use message filters to enforce email policies Prevent data loss Perform LDAP queries Authenticate Simple Mail Transfer Protocol (SMTP) sessions Authenticate email Encrypt email Use system quarantines and delivery methods Perform centralized management using clusters Test and troubleshoot This course shows you how to deploy and use Cisco© Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management. This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention. This course helps you prepare to take the exam, Securing Email with Cisco Email Security Appliance (300-720 SESA). Describing the Cisco Email Security Appliance Cisco Email Security Appliance Overview Technology Use Case Cisco Email Security Appliance Data Sheet SMTP Overview Email Pipeline Overview Installation Scenarios Initial Cisco Email Security Appliance Configuration Centralizing Services on a Cisco Administering the Cisco Email Security Appliance Distributing Administrative Tasks System Administration Managing and Monitoring Using the Command Line Interface (CLI) Other Tasks in the GUI Advanced Network Configuration Using Email Security Monitor Tracking Messages Logging Controlling Sender and Recipient Domains Public and Private Listeners Configuring the Gateway to Receive Email Host Access Table Overview Recipient Access Table Overview Configuring Routing and Delivery Features Controlling Spam with Talos SenderBase and Anti-Spam SenderBase Overview Anti-Spam Managing Graymail Protecting Against Malicious or Undesirable URLs File Reputation Filtering and File Analysis Bounce Verification Using Anti-Virus and Outbreak Filters Anti-Virus Scanning Overview Sophos Anti-Virus Filtering McAfee Anti-Virus Filtering Configuring the Appliance to Scan for Viruses Outbreak Filters How the Outbreak Filters Feature Works Managing Outbreak Filters Using Mail Policies Email Security Manager Overview Mail Policies Overview Handling Incoming and Outgoing Messages Differently Matching Users to a Mail Policy Message Splintering Configuring Mail Policies Using Content Filters Content Filters Overview Content Filter Conditions Content Filter Actions Filter Messages Based on Content Text Resources Overview Using and Testing the Content Dictionaries Filter Rules Understanding Text Resources Text Resource Management Using Text Resources Using Message Filters to Enforce Email Policies Message Filters Overview Components of a Message Filter Message Filter Processing Message Filter Rules Message Filter Actions Attachment Scanning Examples of Attachment Scanning Message Filters Using the CLI to Manage Message Filters Message Filter Examples Configuring Scan Behavior Preventing Data Loss Overview of the Data Loss Prevention (DLP) Scanning Process Setting Up Data Loss Prevention Policies for Data Loss Prevention Message Actions Updating the DLP Engine and Content Matching Classifiers Using LDAP Overview of LDAP Working with LDAP Using LDAP Queries Authenticating End-Users of the Spam Quarantine Configuring External LDAP Authentication for Users Testing Servers and Queries Using LDAP for Directory Harvest Attack Prevention Spam Quarantine Alias Consolidation Queries Validating Recipients Using an SMTP Server SMTP Session Authentication Configuring AsyncOS for SMTP Authentication Authenticating SMTP Sessions Using Client Certificates Checking the Validity of a Client Certificate Authenticating User Using LDAP Directory Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate Establishing a TLS Connection from the Appliance Updating a List of Revoked Certificates Email Authentication Email Authentication Overview Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing Verifying Incoming Messages Using DKIM Overview of Sender Policy Framework (SPF) and SIDF Veri?cation Domain-based Message Authentication Reporting and Conformance (DMARC) Verification Forged Email Detection Email Encryption Overview of Cisco Email Encryption Encrypting Messages Determining Which Messages to Encrypt Inserting Encryption Headers into Messages Encrypting Communication with Other Message Transfer Agents (MTAs) Working with Certificates Managing Lists of Certificate Authorities Enabling TLS on a Listener?s Host Access Table (HAT) Enabling TLS and Certi?cate Verification on Delivery Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services Using System Quarantines and Delivery Methods Describing Quarantines Spam Quarantine Setting Up the Centralized Spam Quarantine Using Safelists and Blocklists to Control Email Delivery Based on Sender Configuring Spam Management Features for End Users Managing Messages in the Spam Quarantine Policy, Virus, and Outbreak Quarantines Managing Policy, Virus, and Outbreak Quarantines Working with Messages in Policy, Virus, or Outbreak Quarantines Delivery Methods Centralized Management Using Clusters Overview of Centralized Management Using Clusters Cluster Organization Creating and Joining a Cluster Managing Clusters Cluster Communication Loading a Configuration in Clustered Appliances Best Practices Testing and Troubleshooting Debugging Mail Flow Using Test Messages: Trace Using the Listener to Test the Appliance Troubleshooting the Network Troubleshooting the Listener Troubleshooting Email Delivery Troubleshooting Performance Web Interface Appearance and Rendering Issues Responding to Alerts Troubleshooting Hardware Issues Working with Technical Support References Model Specifications for Large Enterprises Model Specifications for Midsize Enterprises and Small-to-Midsize Enterprises or Branch O?ces Cisco Email Security Appliance Model Specifications for Virtual Appliances