N-485: In-Depth Securing Networks with Cisco Firepower Threat Defense NGFW

Course Overview:

An in-depth course on how to use and configure Cisco Firepower Threat Defense technology,  from device setup and configuration and including routing, high availability, Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT).  Students implement advanced Next Generation Firewall (NGFW) and Next Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network based malware detection, and deep packet inspection.
Students will also learn how to configure site to site VPN, remote access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting.  This course combines lecture materials and hands on labs throughout to make sure that students are able to successfully deploy and manage the Cisco Firepower system.

It is a five-day instructor-led course that is aimed at providing network security engineers with the knowledge and skills that are needed to implement and maintain perimeter solutions that are based on Cisco Firepower security appliances. At the end of the course, students will be able to reduce risk to their IT infrastructure and applications using Cisco Firepower security appliance features, and provide detailed operations support for the Firepower appliance.

Attendees to N-485: In-Depth Securing Networks with Cisco Firepower Threat Defense NGFW will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Understand Sourcefire, Firepower 6.2, FireAMP, and Firepower Threat Defense (FTD)
  • Configure the Firepower Management Center (FMC)
  • Raise you confidence managing the Firepower Manager and Firepower tThreat Defense (FTD)
  • Describe the Cisco Firepower Systems infrastructure
  • Navigate the user interface and administrative features of the Cisco Firepower 6.2 system, including advanced analysis and reporting functionality to properly assess threats
  • Describe the System Configuration and Health policies and implement them
  • Describe the role Network Discovery (Firepower) technology plays in the Cisco devices
  • Describe, create, and implement objects for use in Access Control policies
  • Create DNS and URL policies and configure Sinkholes
  • Configure FTD policies such as Platform, Routing, Interface, Zones, PreFilter, QoS, NAT and Flex Config!
  • Describe advanced policy configuration and Firepower system configuration options
  • Configure Malware Policies to find and stop Malware
  • Understand Security Intelligence, and how to configure SI to stop attacks NOW!
  • Configure policies to find and stop Ransomware
  • Understand how to fine tune IPS policies
  • Understand how to find tun Snort Preprocessor policies (NAP)
  • Configure Correlation events, white rules, traffic profiles and create respective events and remediate them
  • Analyze events
  • Create reporting templates and schedule them
  • Configure backups, rule updates, Firepower Recommendations, URL updates, and more to run every week automatically
  • Set up external authentication for users using LDAP/Realms
  • Configuring system integration, realms, and identity sources
  • Configure FMC domains and implement them
  • Configure FTD HA with two FTD devices
  • SSL Policy – decrypt your traffic
  • AnyConnect and Site-to-Site VPN
  • Understand network and host based AMP.  Configure and analyze host based AMP
  • Understand Cisco Identity Services Engine (ISE)
  • Configure ISE and integrate with Cisco FMC identity policy using PxGrid

Prerequisites:

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-765: Automating Administration with Windows Powershell

 

Course Overview:

This course provides students with the fundamental knowledge and skills to use PowerShell for administering and automating administration of Windows servers. This course provides students the skills to identify and build the command they require to perform a specific task. In addition, students learn how to build scripts to accomplish advanced tasks such as automating repetitive tasks and generating reports. This course provides prerequisite skills supporting a broad range of Microsoft products, including Windows Server, Windows Client, Microsoft Azure, and Microsoft 365. In keeping with that goal, this course will not focus on any one of those products, although Windows Server, which is the common platform for all of those products, will serve as the example for the techniques this course teaches.

Attendees to TN-765: Automating Administration with Windows Powershell will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

 

  • Describe the functionality of Windows PowerShell and use it to run and find basic commands
  • Identify and run cmdlets for server administration
  • Work with Windows PowerShell pipeline
  • Describe the techniques Windows PowerShell pipeline uses
  • Use PSProviders and PSDrives to work with other forms of storage
  • Query system information by using WMI and CIM
  • Work with variables, arrays, and hash tables
  • Write basic scripts in Windows PowerShell
  • Write advanced scripts in Windows PowerShell
  • Administer remote computers
  • Use background jobs and scheduled jobs
  • Use advanced Windows PowerShell techniques

 

Course Prerequisites:

 

  • Experience with Windows networking technologies and implementation.
  • Experience with Windows Server administration, maintenance, and troubleshooting.

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

N-505: CISCO DoD Comply to Connect (C2C)

Course Overview:

 Cisco DoD Comply-to-Connect (C2C) course teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.

This training also earns you 32 Continuing Education (CE) credits toward recertification.

Dates/Locations:

No Events

Duration: 5 days

 

Course Outline: 

Section 1: C2C Fundamentals

  • Comply to Connect Overview
  • From C2C to ZTA
  • Steps to Implement C2C

Section 2: Cisco Identity-Based Networking Services

  • Cisco IBNS Overview
  • AAA Role in Cisco IBNS
  • Compare Cisco IBNS and Cisco ISE Solutions
  • Explore Cisco IBNS Architecture Components

Section 3: Introducing Cisco ISE Architecture

  • Cisco ISE as a Network Access Policy Engine
  • Cisco ISE Use Cases
  • Cisco ISE Functions

Section 4: Introducing Cisco ISE Deployment

  • Cisco ISE Deployment Models
  • Cisco ISE Licensing and Network Requirements
  • Cisco ISE Context Visibility Features
  • New Features in Cisco ISE 3.X

Section 5: Introducing Cisco ISE Policy Enforcement Components

  • 802.1X for Wired and Wireless Access
  • MAC Authentication Bypass for Wired and Wireless Access
  • Identity Management
  • Active Directory Identity Source
  • Additional Identity Sources
  • Certificate Services

Section 6: Introducing Cisco ISE Policy Configuration

  • Cisco ISE Policy
  • Cisco ISE Authentication Rules
  • Cisco ISE Authorization Rules

Section 7: PKI and Advanced Supplicants

  • Public Key Infrastructure (PKI)
  • TEAP in Comply to Connect (C2C)
  • Secure Client ISE features and Configuration for C2C

Section 8: Introducing the Cisco ISE Profiler

  • Web Access with Cisco ISE
  • ISE Profiler
  • Cisco ISE Probes
  • Profiling Policy
  • Custom Attributes in Profile

Section 9: Introducing Cisco ISE Endpoint Compliance Services

  • Endpoint Compliance Services Overview

Section 10: Configuring Client Posture Services and Compliance

  • Client Posture Services and Provisioning Configuration

Section 11: Introducing Profiling Best Practices and Reporting

  • Profiling Best Practices

Section 12: C2C Use Cases

  • Cisco CX ISE Reporting Tool
  • ISE Reporting
  • ISE Hardening
  • Profiling Best Practices for C2C

Section 13: C2C Third-Party Integrations-Tenable

  • Tenable Use Case
  • Tenable Overview and Capabilities
  • Tenable Integration Prerequisites
  • Tenable Integration Configuration
  • Policy Design
  • Policy Enforcement
  • Enforcement Verification

Section 14: C2C Third-Party Integrations-MECM

  • MECM Use Case
  • MECM Overview and Capabilities
  • MECM Integration Prerequisites
  • MECM Integration Configuration
  • Policy Design
  • Policy Enforcement
  • Enforcement Verification

Section 15: C2C Third-Party Integrations-Trellix

  • Trellix Use Case
  • Trellix Overview and Capabilities
  • Trellix Integration Prerequisites
  • Trellix Integration Configuration
  • Policy Enforcement
  • Enforcement Verification

Section 16: Troubleshooting Cisco ISE Policy and Third-Party NAD

  • Cisco ISE Third-Party Network Access Device Support
  • Troubleshooting Cisco ISE Policy Configuration

Section 17: Exploring Cisco TrustSec

  • Cisco TrustSec Overview
  • Cisco TrustSec Enhancements
  • Cisco TrustSec Configuration

Section 18: Working with Network Access Devices

  • Reviewing AAA
  • Cisco ISE TACACS+ Device Administration
  • Configuring TACACS+ Device Administration
  • TACACS+ Device Administration Guidelines and Best Practices

 

Course Prerequisites: 

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:

  • Familiarity with 802.1X
  • Familiarity with Microsoft Windows Operating Systems
  • Familiarity with Cisco IOS CLI for wired and wireless network devices
  • Familiarity with Cisco Identity Service Engine

Observations of Instructor Led Training with Real Hardware

TechNow has heard many students talk about virtualized/remote training that TechNow Does Not Do.  While training our most recent offering of PA-215: Palo Alto Networks Firewall Essentials FastTrack a student told his story of how he endend up in our course.  His story we have heard for other technologies like Cisco, VMware, BlueCoat and other products.

A large percentage of training is moving to the virtualized/remote lab environments.  Students are asked to use some variant of remote access software and remote into the training company's lab environment. Our student in our Palo Alto Networks Firewall course informed us that he went to a very costly offering of that course from the vendor and was not able to perform any labs.  There were either network connectivity issues, or issues with the remote access software, or other problems.  The whole training experience was very frustrating and not productive.

We keep our labs open to students if they would like after hours, or before hours access.  Repeatedly going through a lab engrains that knowledge for later recall.  Touching hardware is so critical in understanding the problems that arise when a cable comes loose, or a cable gets plugged in the wrong port.  There are other scenarios such as just pulling the power cable, or turning off a power strip, or accidently overwriting a configuration.  These disaster scenarious requires hands-on physical access to hardware.  Preventing and recovering from disasters is what it's all about, and that requires hands-on, instructor led, real hardware.

TN-223: Advanced Shell Programming

 

Course Overview:

The course teaches students to use the sort, grep, sed, & awk utilities within Unix. Systems administrators, Unix users, & programmers benefit from the course showing them how to use the command line applications of sort, grep, sed, & awk commands as well as using sed & awk scripts that develop the users skills with the full power of these utilities.

Attendees to TN-223: Advanced Shell Programming will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 3 Days

Course Objectives:

  • Sorting files by line or field
  • Regular Expressions (meta character) with grep commands to locate specific lines in files
  • Performing non-interactive editing tasks with the sed command
  • Writing simple sed scripts to perform complex editing tasks
  • Using awk variables & arrays to sort data
  • Employing awk programs to manipulate numeric & textual data
  • Performing formatted printing in awk
  • Writing simple awk programs to write reports from data files
  • Using built-in awk functions & defining new functions
  • Write awk programs that make decisions based on numeric or string comparisons (branches & loops)
  • Grep, egrep extended metacharacters, combinations-lab advanced combinations- lab Sed
  • Basic commands- Lab, Advanced commands- Lab, Advanced scripting -Lab
  • Miscellaneous commands Tr, sort, cut, paste, pr -Lab

Prerequisites:

  • TN-125: Introduction to UNIX & Linux
  • TN 215: Shell Programming.
  • Students should have a basic knowledge of UNIX commands including rm, cp, man, cat, & mkdir. Navigating directory structure using commands such as ls, cp, & pwd. Creating and editing files with the vi editor or text editor. Use of basic programming constructs, & commands such as variables & loops & how to write a simple program in a programming language.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!