SMN v1.1 - Implementing Security Manager for Cisco Networks SMN v1.1

Duration:3 days

Price:$2,895.00

Test Level:0

Certifications:
  • No Certification
Exams:
  • No Exam

Description

  • Cisco Security Manager 3.x supports integrated provisioning of VPN and firewall services across IOS routers, PIX, ASA security appliances, IPS, and services modules in Catalyst 6500 switch series and Cisco 7600 router series devices. The resulting learning product, SMN v1.1, is a performance-based course comprised of lessons and lab activities.
  • Cisco Security Manager centrally provisions all aspects of device configurations and security policies for Cisco firewalls, virtual private networks (VPNs), and Cisco Intrusion Prevention System (IPS). It also supports advanced settings that are not strictly related to security, such as quality of service (QoS) routing and Simple Network Management Protocol (SNMP).
  • Cisco Security Manager 3.x is suitable for managing small networks consisting of a handful of devices, but also scales to efficiently manage large scale networks consisting of thousands of devices. Scalability is achieved through intelligent policy-based management techniques that can simplify administration.

Objectives

  • Describe the Cisco Security Manager solution, features, and functions
  • Describe how to manage devices in Cisco Security Manager
  • Describe the concept of policies in Cisco Security Manager and how to use and manage them
  • Describe the concept of objects in Cisco Security Manager and how to use and manage them
  • Describe how to use the Map view
  • Describe various services and platform policies that are used to manage site-to-site VPN, remote-access VPN, and SSL VPN
  • Describe various firewall services that are used to manage firewall-related policies
  • Describe how to configure platform policies on firewall devices
  • Describe how to configure platform-specific services and policies on Cisco IPS sensors and Cisco IOS IPS devices
  • Describe how to configure platform policies and interface policies on Cisco IOS routers
  • Describe how to configure platform-specific services and policies on Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Describe the FlexConfig feature and how to use it
  • Describe the process of working with activities and managing deployment in Cisco Security Manager
  • Describe monitoring, troubleshooting, and diagnostic tools that are available in Cisco Security Manager

Who Should Attend

The primary and secondary audience for this course is as follows:

  • Engineers who support sales of Cisco security product solutions
  • Cisco channel partners who sell, implement, and maintain secure networks
  • Cisco customers who implement and maintain secure networks

Course Outline

Module 1: Cisco Security Manager Overview

  • Lesson 1: Introducing Cisco Security Manager
    • Product Overview
    • Using Cisco Security Manager
    • Installing Cisco Security Manager
    • Working with the Cisco Security Manager User Interface
  • Lesson 2: Managing Devices
    • Preparing the Devices for Cisco Security Manager to Manage
    • Understanding Device View
    • Adding Devices to the Cisco Security Manager Inventory
    • Working with Devices with Dynamically Assigned IP Addresses
    • Understanding Device Credentials
    • Testing Device Connectivity
    • Understanding Device Properties
    • Understanding Device Grouping
  • Lesson 3: Managing Policies
    • Understanding Policies
    • Managing Policies in Device View
    • Managing Shared Policies in Policy View
    • Advanced Policy Features
    • Discovering Policies
  • Lesson 4: Managing Objects
    • Objects Overview
    • Understanding the Policy Object Manager Window
    • Overriding Global Objects for Individual Devices
    • Selecting Objects for Policies
  • Lesson 5: Using Map View
    • Understanding Maps
    • Displaying Your Network on the Map
    • Managing Firewall Services in Map View
    • Managing VPNs in Map View
    • Managing Device Policies in Map View

Module 2: Provisioning Cisco Security Devices

  • Lesson 1: Managing Virtual Private Networks
    • Overview of Site-to-Site VPNs
    • Working with VPN Topologies
    • Working with Site-to-Site VPN Policies
    • Overview of Remote-Access VPNs
    • Working with Policies in Remote-Access VPNs
  • Lesson 2: Managing SSL VPNs
    • Overview of SSL VPNs
    • Configuring SSL VPN on a Cisco IOS Device
  • Lesson 3: Managing Firewall Services
    • Overview of Managing Firewall Services
    • Managing Rules Tables
    • Understanding Access Rules
    • ACL Settings
    • Inspection Rules
    • AAA Rules
    • Web Filter Rules
    • Transparent Firewall Rules
  • Lesson 4: Managing Firewall Devices
    • Platform Policies on Firewall Devices
  • Lesson 5: Managing Cisco IPS Services and Devices
    • Overview of Network Sensing
    • Configuring Interfaces
    • Configuring Signatures
    • Configuring Anomaly Detection
    • Configuring Event Actions
    • Configuring Policies for Cisco IOS IPS Devices
    • Managing Cisco IPS Devices
  • Lesson 6: Managing Routers
    • Overview of Policy Management on Cisco IOS Routers
    • Working with Platform Policies for Cisco IOS Routers
  • Lesson 7: Managing Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
    • Overview of Managing Catalyst 6500 Series Switches and Cisco 7600 Series Routers
    • Managing Policies for Catalyst 6500 Series Switches and Cisco 7600 Series Routers

Module 3: Managing FlexConfigs, Deployment, and Administration in Cisco Security Manager

  • Lesson 1: Managing FlexConfigs
    • Understanding FlexConfig
    • Working with FlexConfig Policy Objects
  • Lesson 2: Managing Activities and Workflow Deployments
    • Understanding Activities
    • Working with Activities
    • Managing Deployment
  • Lesson 3: Using Monitoring, Troubleshooting, and Diagnostic Tools
    • Using the Tools Menu
    • Using Monitoring, Troubleshooting, and Diagnostic Tools

Lab Outline

  • Pre-Lab Activity: Remote Server and Terminal Server Access
  • Lab 1-1: Device Bootstrap and Connectivity Test
  • Lab 1-2: Device Import
  • Lab 1-3: Interface Role Definitions and Uses
  • Lab 1-4: Policy Object Creation
  • Lab 2-1: Firewall Policy Management: Policy Sharing
  • Lab 2-2: Firewall Policy Management: Policy Inheritance
  • Lab 2-3: NAT and Inspection Rules Configuration
  • Lab 2-4: VPN Deployment Management
  • Lab 2-5: Cisco ASA Virtual Firewall Management
  • Lab 3-1: Device Management with CiscoWorks Auto Update Server

Prerequisites

  • Cisco CCSP® certification or the equivalent knowledge
  • Passage of the Securing Networks with PIX and ASA exam (642-522 SNPA) and the Securing Networks with Cisco Routers and Switches exam (642-503 SNRS) or equivalent knowledge.
  • Familiarity with implementing network security policies and these networking components and concepts:
    • Security Technologies: NAT, PAT, firewall appliances, VPN, IPS, CSA, ACS, integrated router and switch security and security management software.
    • Security Protocols: AAA, IPSec, IKE, and various tunneling protocols.
    • Application Protocols: HTTP, HTTPS, ICMP, SSH, SSL, NTP, FTP, TFTP, DNS etc.

Upcoming Classes

There are no scheduled classes for this course in the next four months. Call 1(866)399-8287 to make a request.

Cisco

Select a Class

There are no scheduled classes for this course in the next four months. Call 1(866)399-8287 to make a request.
Close Checkout

Your class selection was successfully added to your cart.