Instructorctclc admin
TypeOnsite Course
Duration
5 Days
Methods of Delivery
ILT, VIRTUAL/WEBEX, ON-SITE
Price$4495.00 / 45 CLCs
Buy NowBook Now

This is a 5 day hands-on course on Cisco SD-WAN Security Configuration, Security Monitoring and Security Troubleshooting. In this course, students focus on all aspect of the Security Implementation in SD-WAN including Encryption, Secure Controller Communications, Secure WAN Edge to WAN Edge Communication, Secure DIA, Local Policy Security, Central Policy Security, Firewall, IPS, AMP Integration, Umbrella, SIG, Cloud Firewall, and TLS Proxy. Students will learn how to Configure Local Polices, Central Polices, and Security Polices to make their organization safe and secure.

The software applications that are covered in this course include:

  • Cisco SD-WAN

Why Attend With Current Technologies CLCadvanced

  • Our Instructors are the top 10% rated by Cisco.
  • Our Lab has a dedicated 300 Mbps Fiber Connection for our Labs.
  • Our Lab Run up to Date version of Code on our Servers
  • Each pod has their own set of servers. Including their own CUCM, IMP, VCS-C, VCS-E, Conductor, (2) Telepresence Servers, TMS Server. AD/Exchange Servers

Who Should Attend

Prerequisites

Course Objectives

Course Outline

Labs

Download Outline

The primary audience for this course is as follows:

  • Network Administrators
  • Network Engineer

  • Foundational IP networking knowledge such as included with a CCENT or CCNA certification is recommended.
  • Working knowledge of basic IP networking

Upon completing this course, you will be able to meet the following objectives:

  • Implement Infrastructure Security Settings on WAN Edge Devices and Controllers
  • Gain Knowledge and Implement Local Policy Security Details
  • Gain Knowledge and Implement Central Policy Security Details
  • Gain Knowledge and Implement Cisco SD-WAN Firewall
  • Gain Knowledge and Implement Cisco SD-WAN IPS
  • Gain Knowledge and Implement Cisco SD-WAN URL Filtering
  • Gain Knowledge and Implement Cisco SD-WAN AMP
  • Gain Knowledge and Implement Cisco Cloud Security (UMBRELLA/SIG)
  • Gain Knowledge and Implement Cisco SD-WAN SSL/TLS Proxy

Module 1: SD-WAN Infrastructure Review

  • SD-WAN Controllers Review
  • SD-WAN WAN Edges Review
  • SD-WAN FABRIC Review
  • SD-WAN Security Capabilities

Module 2: SD-WAN Infrastructure Security

  • Infrastructure Security Goals
  • SD-WAN WAN Edge Security
  • SD-WAN Controllers Security
  • SD-WAN Certificate Security
  • Control Plane and Data Plane Security
  • vEdge Security Capabilities
  • cEdge Security Capabilities
  • Direct Internet Access vs Datacenter Internet Access
  • IPsec Pairwise Keys
  • Cisco TrustSec Integration
  • Security Virtual Image
  • Configure 802.1x
  • Configure Security Parameters

Module 3: Local Policy Security

  • Local Policy Review
  • IP v4 Access Control Lists
  • IP v6 Access Control Lists
  • Device Access Policies
  • Service Side (LAN) Routing Security
  • Policing Traffic

Module 4: Central Policy Security

  • Central Policy Review
  • Creating Lists used for Security
  • Restricting Topologies with SDWAN
  • Hub and Spoke vs Custom TLOC/Routing
  • Securing Sites with VPN Membership Policies
  • Central Policy Application Firewall vs Security Policy Firewall
  • Redirecting traffic to Umbrella and DIA Securely
  • Service Chaining

Module 5: SD-WAN Security Policies

  • When to use Compliance Workflow
  • When to use Guest Access Workflow
  • When to use Direct Cloud Access Workflow
  • When to use Direct Internet Access Workflow
  • When to use Custom Workflow

Module 6: SD-WAN Firewall Configuration

• Create a New Firewall vs Reuse Existing Firewall
• Create Firewall Lists
• Create a new Firewall
• Define Firewall ZONEs
• Add Firewall Rules
o Source IP/Ports
o Destinations IP/Ports
o Applications Usage Rules
o Protocols Usage Rules
• Order Firewall Rules
• Apply Firewalls to Templates
• Firewall Intra VPN/VRF vs Inter VPN/VRF
• Use the Security Dashboard to Monitor and Troubleshooting Firewall Configuration
• Configure Logging for the Firewall
• Use API’s to access the Firewall data

Module 7: SD-WAN Intrusion Prevention Policy (IPS)

• Which SDWAN Devices Support IPS policies
• Create a New IPS vs Reuse IPS Policy
• When to use multiple IPS Policies in a site
• IPS vs IDS Mode
• Which Signature Set to use
• Signature Allow Lists
• How to load Custom Signatures into the IPS
• Use the Security Dashboard to Monitor and Troubleshooting IPS Configuration
• Configure Logging for the IPS
• Use API’s to access the IPS data

Module 8: SD-WAN URL Filtering

• Create a New URL Filtering vs Reuse URL Filtering Policy
• When to use multiple URL Filtering Policies in a Template
• Which Signature Set to use
• Web Categories
• How to set Web Reputation
• URL Filtering Allow Lists
• URL Filtering Block Lists
• Configure a Custom Block Page
• How to load Custom Signatures into the IPS
• Use the Security Dashboard to Monitor and Troubleshooting URL Filtering Configuration
• Configure Logging for the URL Filtering
• Use API’s to access the URL Filtering data

Module 9: SD-WAN Anti Malware Policy (AMP) 

• Create a New AMP vs Reuse AMP Policy
• When to use multiple AMP Policies in a Template
• AMP File Reputation
• File Analysis with Threat Grid
• Understanding Threat Grid
• Threat Grid Licensing
• Threat Grid File Types
• Use the Security Dashboard to Monitor and Troubleshooting AMP Policy  Configuration
• Configure Logging for the AMP Policies
• Use API’s to access the AMP Policy data

Module 10: Cisco Umbrella Secure Internet Gateway (SIG)

• Umbrella OverviewDNS Security
o Secure Internet Gateway (SIG)
o Cloud Firewall
• DNS Security
o Configure Umbrella Dashboard for SD-WAN
o Configure Umbrella Security
o Umbrella API Integration
o DNS Encryption Policy
o Excluding the local domains
• SIG Integration Overview
o Overview
o SD-WAN SIG Templates
o Adding the WAN Edges to Umbrella
• Umbrella Cloud Firewall
• Use the Security Dashboard to Monitor and Troubleshooting Umbrella Configuration
• Use the Umbrella Dashboard to Monitor the Umbrella Configuration
• Configure Logging for the Umbrella Policies

Module 11: Cisco TLS/SSL Decryption Policy for Security

• TLS/SSL Decryption Overview
• Benefits of TLS Proxy
• Supported Platforms
• Platform Requirements
• Supported Cipher Suites
• Enterprise CA Configuration
• TLS Proxy Configuration
• Traffic Flow with TLS Proxy
• Use the Security Dashboard to Monitor and Troubleshooting TLS Proxy Configuration
• Use the Umbrella Dashboard to Monitor the TLS Proxy Configuration
• Configure Logging for the TLS Proxy Policies

 

Lab Outline

Lab 1: Review SD-WAN Infrastructure

Lab 2: Setting SD-WAN Security Parameters

• Configure Controllers Security Parameters
• Configure IPSEC Security Parameters
• Configure IPsec Pairwise Keys
• Configure Authentication Methods
• Configure Encryption Methods

Lab 3: SD-WAN Local Policy Security Elements

• Configure Lists to be used in Local Policies Security Elements
• Configure IP v4 Access Control Lists
• Configure IP v6 Access Control Lists
• Configure Device Access Policies
• Configure Security on Routing Protocols
• Apply Security to Multiple interfaces in a Template

Lab 4: SD-WAN Central Policy Security Elements

• Configure Custom TLOC/Routing for Restricting the WAN
• Configure VPN Membership Policies
• Configure Central Policy Data Policy Security Elements
• Configure Data Policies to Redirect traffic to Umbrella/SIG/DCA
• Configure Central Policy Application Firewall

Lab 5: Configure SD-WAN Firewall Security Elements

• Use Custom Options to Create a Security Lists
• Use Custom Options to Create a Standalone Firewall
• Create Zone Lists
• Create Rules
• Order Firewall Rules
• Use the Security Dashboard to Monitor and Troubleshooting Firewall Configuration
• Configure Logging for the Firewall
• Use API’s to access the Firewall Data

Lab 6: Configure SD-WAN IPS Security Elements

• Use Custom Options to Create a Security Lists
• Use Custom Options to Create a Standalone IPS
• Configure IPS VPNs
• Set IPS Mode
• Import Snort Signatures
• Use the Security Dashboard to Monitor and Troubleshooting IPS Configuration
• Configure Logging for the IPS
• Use API’s to access the IPS data

Lab 7: Configure SD-WAN URL Filtering Security Elements

• Use Custom Options to Create a Security Lists
• Use Custom Options to Create a Standalone URL Filtering
• Configure URL Filtering VPNs
• Set Web Categories
• set Web Reputation
• Configure Allow Lists and Block Lists
• Use the Security Dashboard to Monitor and Troubleshooting URL Filtering Configuration
• Configure Logging for the IPS
• Use API’s to access the IPS data

Lab 8: Configure SD-WAN AMP/ThreatGrid Security Elements

• Use Custom Options to Create a Security Lists
• Use Custom Options to Create a Standalone AMP/ThreatGrid
• Configure AMP/ThreatGrid
• Use the Security Dashboard to Monitor and Troubleshooting AMP/ThreatGrid Configuration
• Configure Logging for the AMP/ThreatGrid

Lab 9: Configure SD-WAN Umbrella Security Elements

• Use Custom Options to Create a Standalone Umbrella
• Configure Umbrella Dashboard Policies
• Configure SIG
o Configure Web Policy
o Deploy Umbrella Root CA Certificate and PAC file
• Configure SIG
• Configure Cloud Firewall Integration
• Redirect Traffic to Umbrella
• Use the Security Dashboard to Monitor and Troubleshooting Umbrella Configuration
• Use the Umbrella Dashboard to Monitor the Umbrella Configuration
• Configure Logging for the Umbrella

Lab 10: Configure SD-WAN TLS Proxy Security Elements

• Configure Enterprise CA
• Configure Cisco IOS XE SD-WAN Devices as TLS Proxy
• Configure Cipher Suites
• Create TLS Proxy Configuration
• Monitor TLS Proxy Performance
• Revoke and Renew Certificates
• Use the Security Dashboard to Monitor and Troubleshooting TLS Proxy Configuration
• Use the Umbrella Dashboard to Monitor the TLS Proxy Configuration
• Configure Logging for the TLS Proxy

Lab 11: Implement Troubleshoot and Test Security Features

Cisco SD-WAN Security (SDWAN-SEC-CT)