This is a 5 day hands-on course on Cisco SD-WAN Security Configuration, Security Monitoring and Security Troubleshooting. In this course, students focus on all aspect of the Security Implementation in SD-WAN including Encryption, Secure Controller Communications, Secure WAN Edge to WAN Edge Communication, Secure DIA, Local Policy Security, Central Policy Security, Firewall, IPS, AMP Integration, Umbrella, SIG, Cloud Firewall, and TLS Proxy. Students will learn how to Configure Local Polices, Central Polices, and Security Polices to make their organization safe and secure.
The software applications that are covered in this course include:
- Cisco SD-WAN
Why Attend With Current Technologies CLC
- Our Instructors are the top 10% rated by Cisco.
- Our Lab has a dedicated 300 Mbps Fiber Connection for our Labs.
- Our Lab Run up to Date version of Code on our Servers
- Each pod has their own set of servers. Including their own CUCM, IMP, VCS-C, VCS-E, Conductor, (2) Telepresence Servers, TMS Server. AD/Exchange Servers
Who Should Attend
Prerequisites
Course Objectives
Course Outline
Labs
Download Outline
The primary audience for this course is as follows:
- Network Administrators
- Network Engineer
- Foundational IP networking knowledge such as included with a CCENT or CCNA certification is recommended.
- Working knowledge of basic IP networking
Upon completing this course, you will be able to meet the following objectives:
- Implement Infrastructure Security Settings on WAN Edge Devices and Controllers
- Gain Knowledge and Implement Local Policy Security Details
- Gain Knowledge and Implement Central Policy Security Details
- Gain Knowledge and Implement Cisco SD-WAN Firewall
- Gain Knowledge and Implement Cisco SD-WAN IPS
- Gain Knowledge and Implement Cisco SD-WAN URL Filtering
- Gain Knowledge and Implement Cisco SD-WAN AMP
- Gain Knowledge and Implement Cisco Cloud Security (UMBRELLA/SIG)
- Gain Knowledge and Implement Cisco SD-WAN SSL/TLS Proxy
Module 1: SD-WAN Infrastructure Review
- SD-WAN Controllers Review
- SD-WAN WAN Edges Review
- SD-WAN FABRIC Review
- SD-WAN Security Capabilities
Module 2: SD-WAN Infrastructure Security
- Infrastructure Security Goals
- SD-WAN WAN Edge Security
- SD-WAN Controllers Security
- SD-WAN Certificate Security
- Control Plane and Data Plane Security
- vEdge Security Capabilities
- cEdge Security Capabilities
- Direct Internet Access vs Datacenter Internet Access
- IPsec Pairwise Keys
- Cisco TrustSec Integration
- Security Virtual Image
- Configure 802.1x
- Configure Security Parameters
Module 3: Local Policy Security
- Local Policy Review
- IP v4 Access Control Lists
- IP v6 Access Control Lists
- Device Access Policies
- Service Side (LAN) Routing Security
- Policing Traffic
Module 4: Central Policy Security
- Central Policy Review
- Creating Lists used for Security
- Restricting Topologies with SDWAN
- Hub and Spoke vs Custom TLOC/Routing
- Securing Sites with VPN Membership Policies
- Central Policy Application Firewall vs Security Policy Firewall
- Redirecting traffic to Umbrella and DIA Securely
- Service Chaining
Module 5: SD-WAN Security Policies
- When to use Compliance Workflow
- When to use Guest Access Workflow
- When to use Direct Cloud Access Workflow
- When to use Direct Internet Access Workflow
- When to use Custom Workflow
Module 6: SD-WAN Firewall Configuration
• Create a New Firewall vs Reuse Existing Firewall
• Create Firewall Lists
• Create a new Firewall
• Define Firewall ZONEs
• Add Firewall Rules
o Source IP/Ports
o Destinations IP/Ports
o Applications Usage Rules
o Protocols Usage Rules
• Order Firewall Rules
• Apply Firewalls to Templates
• Firewall Intra VPN/VRF vs Inter VPN/VRF
• Use the Security Dashboard to Monitor and Troubleshooting Firewall Configuration
• Configure Logging for the Firewall
• Use API’s to access the Firewall data
Module 7: SD-WAN Intrusion Prevention Policy (IPS)
• Which SDWAN Devices Support IPS policies
• Create a New IPS vs Reuse IPS Policy
• When to use multiple IPS Policies in a site
• IPS vs IDS Mode
• Which Signature Set to use
• Signature Allow Lists
• How to load Custom Signatures into the IPS
• Use the Security Dashboard to Monitor and Troubleshooting IPS Configuration
• Configure Logging for the IPS
• Use API’s to access the IPS data
Module 8: SD-WAN URL Filtering
• Create a New URL Filtering vs Reuse URL Filtering Policy
• When to use multiple URL Filtering Policies in a Template
• Which Signature Set to use
• Web Categories
• How to set Web Reputation
• URL Filtering Allow Lists
• URL Filtering Block Lists
• Configure a Custom Block Page
• How to load Custom Signatures into the IPS
• Use the Security Dashboard to Monitor and Troubleshooting URL Filtering Configuration
• Configure Logging for the URL Filtering
• Use API’s to access the URL Filtering data
Module 9: SD-WAN Anti Malware Policy (AMP)
• Create a New AMP vs Reuse AMP Policy
• When to use multiple AMP Policies in a Template
• AMP File Reputation
• File Analysis with Threat Grid
• Understanding Threat Grid
• Threat Grid Licensing
• Threat Grid File Types
• Use the Security Dashboard to Monitor and Troubleshooting AMP Policy Configuration
• Configure Logging for the AMP Policies
• Use API’s to access the AMP Policy data
Module 10: Cisco Umbrella Secure Internet Gateway (SIG)
• Umbrella OverviewDNS Security
o Secure Internet Gateway (SIG)
o Cloud Firewall
• DNS Security
o Configure Umbrella Dashboard for SD-WAN
o Configure Umbrella Security
o Umbrella API Integration
o DNS Encryption Policy
o Excluding the local domains
• SIG Integration Overview
o Overview
o SD-WAN SIG Templates
o Adding the WAN Edges to Umbrella
• Umbrella Cloud Firewall
• Use the Security Dashboard to Monitor and Troubleshooting Umbrella Configuration
• Use the Umbrella Dashboard to Monitor the Umbrella Configuration
• Configure Logging for the Umbrella Policies
Module 11: Cisco TLS/SSL Decryption Policy for Security
• TLS/SSL Decryption Overview
• Benefits of TLS Proxy
• Supported Platforms
• Platform Requirements
• Supported Cipher Suites
• Enterprise CA Configuration
• TLS Proxy Configuration
• Traffic Flow with TLS Proxy
• Use the Security Dashboard to Monitor and Troubleshooting TLS Proxy Configuration
• Use the Umbrella Dashboard to Monitor the TLS Proxy Configuration
• Configure Logging for the TLS Proxy Policies
Lab Outline
Lab 1: Review SD-WAN Infrastructure
Lab 2: Setting SD-WAN Security Parameters
• Configure Controllers Security Parameters
• Configure IPSEC Security Parameters
• Configure IPsec Pairwise Keys
• Configure Authentication Methods
• Configure Encryption Methods
Lab 3: SD-WAN Local Policy Security Elements
• Configure Lists to be used in Local Policies Security Elements
• Configure IP v4 Access Control Lists
• Configure IP v6 Access Control Lists
• Configure Device Access Policies
• Configure Security on Routing Protocols
• Apply Security to Multiple interfaces in a Template
Lab 4: SD-WAN Central Policy Security Elements
• Configure Custom TLOC/Routing for Restricting the WAN
• Configure VPN Membership Policies
• Configure Central Policy Data Policy Security Elements
• Configure Data Policies to Redirect traffic to Umbrella/SIG/DCA
• Configure Central Policy Application Firewall
Lab 5: Configure SD-WAN Firewall Security Elements
• Use Custom Options to Create a Security Lists
• Use Custom Options to Create a Standalone Firewall
• Create Zone Lists
• Create Rules
• Order Firewall Rules
• Use the Security Dashboard to Monitor and Troubleshooting Firewall Configuration
• Configure Logging for the Firewall
• Use API’s to access the Firewall Data
Lab 6: Configure SD-WAN IPS Security Elements
• Use Custom Options to Create a Security Lists
• Use Custom Options to Create a Standalone IPS
• Configure IPS VPNs
• Set IPS Mode
• Import Snort Signatures
• Use the Security Dashboard to Monitor and Troubleshooting IPS Configuration
• Configure Logging for the IPS
• Use API’s to access the IPS data
Lab 7: Configure SD-WAN URL Filtering Security Elements
• Use Custom Options to Create a Security Lists
• Use Custom Options to Create a Standalone URL Filtering
• Configure URL Filtering VPNs
• Set Web Categories
• set Web Reputation
• Configure Allow Lists and Block Lists
• Use the Security Dashboard to Monitor and Troubleshooting URL Filtering Configuration
• Configure Logging for the IPS
• Use API’s to access the IPS data
Lab 8: Configure SD-WAN AMP/ThreatGrid Security Elements
• Use Custom Options to Create a Security Lists
• Use Custom Options to Create a Standalone AMP/ThreatGrid
• Configure AMP/ThreatGrid
• Use the Security Dashboard to Monitor and Troubleshooting AMP/ThreatGrid Configuration
• Configure Logging for the AMP/ThreatGrid
Lab 9: Configure SD-WAN Umbrella Security Elements
• Use Custom Options to Create a Standalone Umbrella
• Configure Umbrella Dashboard Policies
• Configure SIG
o Configure Web Policy
o Deploy Umbrella Root CA Certificate and PAC file
• Configure SIG
• Configure Cloud Firewall Integration
• Redirect Traffic to Umbrella
• Use the Security Dashboard to Monitor and Troubleshooting Umbrella Configuration
• Use the Umbrella Dashboard to Monitor the Umbrella Configuration
• Configure Logging for the Umbrella
Lab 10: Configure SD-WAN TLS Proxy Security Elements
• Configure Enterprise CA
• Configure Cisco IOS XE SD-WAN Devices as TLS Proxy
• Configure Cipher Suites
• Create TLS Proxy Configuration
• Monitor TLS Proxy Performance
• Revoke and Renew Certificates
• Use the Security Dashboard to Monitor and Troubleshooting TLS Proxy Configuration
• Use the Umbrella Dashboard to Monitor the TLS Proxy Configuration
• Configure Logging for the TLS Proxy
Lab 11: Implement Troubleshoot and Test Security Features
Cisco SD-WAN Security (SDWAN-SEC-CT)
