Implementing Cisco IOS Network Security (IINS) 1.0
Overview
This critical Cisco security course focuses on the necessity of
a comprehensive security policy and how it affects the posture of
the network. Students will be able to perform basic tasks to secure
a branch office network using Cisco IOS security features. Students
will learn to enable such features using web-based GUIs (Cisco
Router and Security Device Manager [SDM]) and the command-line
interface (CLI) on the Cisco routers and switches.
Target Audience
This course is a necessity for any student that desires to learn
more about securing networks using the latest in Cisco
technologies. This course is also recommended for any student
interested in professional level Cisco certifications or
beyond.
Prerequisites
The IINS course focuses on the technology required for securing
complex networks. To fully benefit from this course, the student
must be familiar with general networking concepts and have Cisco
router operation and configuration experience. The student should
also be familiar with the Windows Operating System. Successful
completion of Interconnecting Cisco Networking Devices Part 1 (or
equivalent experience) is strongly recommended.
Certification
CCNA-Security, CCSP
Exams
640-553 IINS
Included Labs
- Securing Cisco router administrative access
- Creating Static Packet Filters Using ACLs
- Configuring a Site-to-Site IPsec VPN
- Configuring Cisco IOS IPS
- Using Cisco Catalyst Switch Security Features
Skills
This course covers the following hardware and software/operating
system versions:
- Latest IOS versions
- All versions of Cisco router and switch
Outline
Module 1: Introduction to Network Security
Principles
- Examining Network Security Fundamentals
- Examining Network Attack Methodologies
- Examining Operations Security
- Understanding and Developing a Comprehensive Network Security
Policy
- Building Cisco Self-Defending Networks
Module 2: Perimeter Security
- Securing Administrative Access to Cisco Routers
- Introducing Cisco SDM
- Configuring AAA on a Cisco Router Using the Local Database
- Configuring AAA on a Cisco Router To Use Cisco Secure ACS
- Implementing Secure Management and Reporting
- Locking Down the Router
Module 3: Network Security Using Cisco IOS
Firewalls
- Introducing Firewall Technologies
- Create Static Packet Filters Using ACLs
- Configuring Cisco IOS Zone-Based Policy Firewall
Module 4: Site-to-Site VPNs
- Examining Cryptographic Services
- Examining Symmetric Encryption
- Examining Cryptographic Hashes and Digital Signatures
- Examining Asymmetric Encryption and PKI
- Examining IPSec Fundamentals
- Building a Site-to-Site IPSec VPN
- Configuring IPSec on a Site-to-Site IPSec VPN Using Cisco
SDM
Module 5: Network Security Using Cisco IOS
IPS
- Introducing IPS Technologies
- Configuring Cisco IOS IPS Using Cisco SDM
Module 6: LAN, SAN, Voice, and Endpoint Security
Overview
- Examining Endpoint Security
- Examining SAN Security
- Examining Voice Security
- Mitigating Layer 2 Attacks
- Appendix: Security Policies
Objectives
- Develop a comprehensive network security policy to counter
threats against information security.
- Configure routers on the network perimeter with Cisco IOS
Software security features.
- Configure a Cisco IOS zone-based firewall to perform basic
security operations on a network.
- Configure site-to-site VPNs using Cisco IOS features.
- Configure IPS on Cisco network routers.
- Configure LAN devices to control access, resist attacks, shield
other network devices and systems, and protect the integrity and
confidentiality of network traffic.