This comprehensive, extensively hands-on, 5-day Authorized Cisco® course is designed to provide the Advanced Security Student (CCSP Candidate), Technical CSO, Security Field Engineer, or Cisco® Advanced Security Services Engineer, practical design, implementation and complete analysis of the components that construct the Cisco® ‘Self-Defending Network” Solution. Experiencing the collective efforts of Cisco® IPS 6, Cisco® Security Agent, Cisco® Secure MARS™, and Cisco® Security Manager commissioned into a ‘live’ enterprise network, each student will become intrinsically aware of how the ‘complete’ solution is used to shield today’s networks against the ever-changing landscape of threats and attacks.
“The Cisco® Self-Defending Network protects an organization by identifying, preventing, and adapting to threats from both internal and external sources.”
Your journey towards achieving the ultimate in network protection begins with in-depth coverage of each critical component in the infrastructure that is used to “Integrate” the solution: IPS 6x Sensors, IOS IPS on the Integrated Services Routers, ASA5500s using the AIP-SSM, Hosts running the CSA and Clean Access, CS-MARS to collaborate, correlate and mitigate what is detected, and CSM to bring the Enterprise Management together. Every element in the network will act as a point of defense, and all of the elements will work together to provide a secure and ‘adaptive system’. You will learn to design and implement such integration using live dedicated Cisco® devices in our spacious classroom. (See topology and hardware list below) Your journey continues with the implementation of the collaborative and adaptive security solution, namely, the focus on deployment of adaptive behavioral methods and responses in order to teach your network to automatically recognize new and existing threats as they arise and stop them dead in their tracks! Deep practical examination of the broadened threat recognition potential and enhanced attack vector capabilities of each of the Cisco® Secure products, such as ‘True” anomaly detection, Risk and Threat Ratings, Proactive response and Automatic Mitigation, will help you to master the “Self-Defending Network” collective.
All discussions and exercises fixate on mastery of each technology based on its practical orientation within the ‘Big Picture’ and implementation using industry proven technique and ‘best practice’. The hands-on exercises, known as ‘Evolutions’ will test your ability to create solutions to security scenarios, implement each technology and troubleshoot efficiently within a dynamic network environment. All Evolutions within the CCSP535 follow the Interface HardHat™ framework, which focuses on the development of planning, execution and problem-solving skills critical in the real world. The HardHat™ framework is deliberately architected to mimic the most realistic and universal scenarios, forcing you to think through them and implement precise solutions based solely on stated objectives; step-by-step instructions do not exist for real-life and therefore do not exist in HardHat™.
Live! Hardware:
You will gain invaluable experience operating on a wide range of Cisco® hardware; from Cisco® ISRs, several models of Catalyst® switches, 2960 to 6500, ASA5500s with AIP-SSM, IPS 4200 sensors, Cisco® Secure MARS Appliances and multiple host systems running CSA, CTA and CSM. All of the gear mentioned is in the room with you for you to build yourself, and each pod of 2-3 students has a full compliment of the stated gear. There is ‘no such thing’ as using a remote lab at Interface.
Who Should Attend This Training:
CCSP535 is a very challenging course designed only for those candidates who have completed the CCNA equivalent as well as the first three courses in the CCSP track (SND, SNRS, SNPA) or possess equivalent knowledge in all of these areas. Cisco® Partner Security Field Engineers, and/or Candidates with a very strong background in network attacks, security controls, security design and network architecture may attend. Proficiency with the configuration of an ASA5500 appliance, a firewall router (12.4), ACLs, IPSec VPN Configuration, Cisco® ACS and route/switch configuration is required.
Prerequisites
Candidates for this course should have already mastered CCNA skills, General Security CBK (like CISSP or Security+) and the equivalent of Cisco® SND, SNRS and SNPA is required.
Course Deliverables:
Confidence! Learn how IPS 6 functions, how it is implemented, tuned and optimized on Cisco® IPS Appliances Learn how IOS-based IPS functions and how it adds to the security solution Learn how the AIP-SSM functions within the ASA5500 appliance and develop solutions accordingly Learn how CSA is implemented and managed on host computers Learn how MARS is used Correlate, Analyze and Respond to dynamic threats Learn how MARS is used to manage and create reports of detected activity and security incidents Prove the design of the Cisco® Self-Defending network in an Enterprise or SMB setting.
- Preparation for Cisco® Exam: 642-533 – IPS
- Preparation for Cisco® Exam: 642-513 – HIPS
- Preparation for Cisco® Exam: 642-544 – MARS
Note:
Although this course will use Cisco Security Manager (CSM), Identity Based Network Services (IBNS with TACACS+/RADIUS on Cisco® ACS), Cisco® Clean Access (NAC) and other supporting services, the course focuses almost exclusively on IPS, CSA and CS-MARS. If intending to acquire complete training on Cisco® ACS, Clean Access or CSM, another learning offering is suggested.
Additional Course Logistics:
Course runs from 8:00am to 8:00pm daily, Monday – Friday
(Arrive early on Monday for Class Registration) Expect to clear your schedule for the week and focus on the class. It is not uncommon for students to stay even past 8:00pm to get additional lab time. Facility lockdown happens at 9:00pm
You will be provided the following courseware:
- Authorized Cisco® IPS , HIPS and MARS courseware
- Interface Elite Security Solutions Manual
- Interface Elite Security Lab Evolutions Manual and Associated Diagrams
- Course Completion Certificate for Cisco® IPS, Cisco® HIPS, and Cisco® MARS
You will be operating in a ‘live’ dynamic, hands-on networking environment with tons of live Cisco® gear and all of the tools you need to be successful; come prepared to have a great experience and challenge yourself to learn.
What You Will Learn:
- Designing the Cisco® “Self-Defending Network”
- Intrusion Sciences and the relationship to network threats and attacks
- Initializing, configuring and tuning IPS 4200 series sensors
- Initializing, configuring and tuning the ASA5500 AIP-SSM
- IPS Signatures, Signature engines, Events and Alarms, IPS Tuning Framework
- Risk and Threat Ratings, Target Value Rating, Signature Fidelity and Event Action Rules
- Anomaly Detection, Profiles and Tuning Signature Actions based on Threat Levels
- Initializing, migrating and configuring the IOS v5x IPS framework
- Design, Deployment and Configuration of Cisco® Security Agent
- CSA Groups, Policies, Variables, Rules and Application Classes
- Implement MARS for threat management, monitoring and mitigation
- Integrate the Cisco® network and security devices into MARS
- Utilize the combined intelligence of the devices on the network and MARS to provide context correlation, vector analysis, anomaly detection, hotspot identification and automated mitigation
- Investigate security events with MARS alerts and queries and use collected data to create detailed and summary reports of network incidents
- Prevent network attacks using the Self-Defending Network architecture built throughout the course to prove and regression test the final solution
Call 1-800-264-9029