Course Length:

5 Days

Course Description:

Implementing Enterprise Datacenter Infrastructure Security (IEDIS) is a lab-intensive course that allows students to integrate and test Cisco® security products and security best practices that compose the Cisco Enterprise Data Center Architecture. Students will implement and integrate Layer 2 and Layer 3 network security best practices as well as the Cisco Nexus™ 7000 platform into the data center. Hands-on labs for the Cisco Nexus 7000 include initial network configuration with virtual switching, Layer 2 security, and control-plane policing (CoPP). The course also includes the integration of the Cisco ASA into the data center architecture as a redundant routed pair with additional labs on the implementation of the IPS functionality using the AIP-SSM-40 module. Once the infrastructure has been deployed and secured, the students will deploy Cisco Security Manager and Cisco Secure Monitoring Analysis and Response System (Cisco Security MARS) to manage network security devices.

Who Should Attend:

This course is targeted toward data center managers and administrators, network administrators, security professionals, and engineers interested in deploying and securing Cisco network data center solutions.

Benefits of Attendance:

Upon completion of this course, students will be able to:

• Identify key components of the Data Center 3.0 solution
• Identify and describe network security threats for the enterprise data center
• Configure a Cisco Nexus 7000 platform for Layer 2 and Layer 3 network security
• Configure a Cisco Nexus 7000 platform for secure virtual switching
• Configure CoPP for the Cisco Nexus 7000 platform
• Deploy Layer 2 network security on the Cisco Catalyst 4900M switch
• Deploy Layer 3 network security for Cisco IOS® Software routers
• Configure the Cisco ASA to protect an enterpise data center
• Deploy the Cisco AIP-SSM module in the ASA to provide IPS services to the enterprise data center
• Configure the Cisco Security MARS management platform for network threat correlation
• Integrate Cisco Security Manager with the Cisco Security MARS platform for data center device configuration and management

Prerequisites:

Students must have CCNA® level networking knowledge and experience configuring Cisco network routers and switches and an introductory level understanding of available Cisco security products. It is recommended that students have CCNP level networking knowledge and experience configuring Cisco network routers and switches

Course Outline:

• Introduction
• Data Center Security Overview
• Cisco Nexus Architecture Overview and Setup
• CoPP for the Cisco Nexus 7000
• Layer 2 Network Security
• Layer 3 Network Security
• Deploying the Cisco ASA in an Enterprise Data Center
• Configuring IPS Services for the Data Center Using the Cisco ASA
• Securing Data Center DNS Using the Cisco ASA and AIP-SSM
• Managing Network Security Threats Using Cisco Security MARS
• Integrating Cisco Security Manager into the Data Center
• Lab 1: Remote Network Connectivity
• Lab 2: Configuring the Cisco Nexus 7000 for Layer 2 and Layer 3 Connectivity
• Lab 3: Deploying CoPP for the Cisco Nexus 7000
• Lab 4: Configuring Layer 2 Network Security
• Lab 5: Configuring Layer 3 Network Security
• Lab 6: Configuring the Cisco ASA to Protect the Enterprise Data Center
• Lab 7: Deploying IPS Services Using the Cisco ASA
• Lab 8: Securing Data Center DNS Using the Cisco ASA and AIP-SSM
• Lab 9: Managing Network Security Using the Cisco Security MARS
• Lab 10: Integrating Cisco Security Manager into the Data Center