Home
 
  ARP Technologies Cisco TrainingSpecial OffersOur Cisco coursesCisco training scheduleAbout us

CompanyNewsCareersContact UsClient LoginFranšais

At a Glance

Course Code: SIMOS
Duration: 5
Price: 3695 *
Cisco Learning Credits: 37 *
Type: Public or Private
Skill Level: Intermediate
* Plus applicable taxes

 

Implementing Cisco Secure Mobility Solutions(SIMOS)


Implementing Cisco Secure Mobility Solutions (SIMOS) v1.0 is part of the curriculumpath leading to the Cisco Certified Network Professional Security (CCNP Security) Certification.  This course is designed to prepare network security engineer with the knowledge and skills they need to protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN Solutions.  Students will gain hands-on experience with configuring and troubleshooting remote access and site-to-site VPN solutions using Cisco ASA adaptive security appliances and Cisco IOS routers.
Special note

This course is part of the Cisco Certified Network Professional Security Certification (CCNP Security).  This course replaces VPN (Exam No. 642-648).  Last date to test for VPN is April 21, 2014.

Back to top

 
Prerequisites

In order to fully benefit from this course, it is strongly recommended that students have the following prerequisites:

• CCNA Certification

• CCNA Security Certification

• Knowledge of Microsoft Windows operating system

Back to top

 
Audience

This course is intended for Network Security Engineers.

Back to top

 
Skills taught

Upon successful completion of this course, students should be able to:

• Describe the various VPN technologies and deployments as well as teh cryptographic algorithms and protocols that provide VPN security

• Implement and maintain Cisco site-to-site VPN solutions

• Implement and maintain Cisco FlexVPN in point-to-point, hub-and-spoke, and spoke-to-spoke IPsec VPNS

• Implement and maintain Cisco clientelss SSL VPNs

• Implement and maintain Cisco AnyConnect SSL and IPsec VPNs

• Implement and maintain endpoint security and dynamic access policies (DAP)

Back to top

 
Implementing Cisco Secure Mobility Solutions (SIMOS)

Module 1: The Role of VPNs in Network Security

  • Lesson 1: VPN Definition
  • Lesson 2: Key Threats to WANs and Remote Access
  • Lesson 3: Cisco Modular Network Architecture and VPNs
  • Lesson 4: VPN Types
  • Lesson 5: VPN Components
  • Lesson 6: Secure Communication and Cryptographic Services
  • Lesson 7: Cryptographic Algorithms
  • Lesson 8: Cryptography and Confidentiality
  • Lesson 9: Cryptography and Integrity
  • Lesson 10: Cryptography and Authentication
  • Lesson 11: Cryptography and Nonrepudiation
  • Lesson 12: Keys in Cryptography
  • Lesson 13: Public Key Infrastructure
  • Lesson 14: Next-Generation Encryption
  • Lesson 15: Dependencies in Cryptographic Services
  • Lesson 16: Cryptographic Controls Guidelines
Module 2: Deploying Secure Site-to-Site Connectivity Solutions
  • Lesson 1: Site-to-Site VPN Topologies
  • Lesson 2: Site-to-Site VPN Technologies
  • Lesson 3: IPsec VPN Overview
  • Lesson 4: Internet Key Exchange v1 and v2
  • Lesson 5: Encapsulating Security Payload
  • Lesson 6: IPsec Virtual Tunnel Interface
  • Lesson 7: Dynamic Multipoint VPN
  • Lesson 8: Cisco IOS FlexVPN
  • Lesson 9: Overview of Point-to-Point IPsec VPNs on the Cisco ASA
  • Lesson 10: Configuration Tasks for Basic Point-to-Point Tunnels on the Cisco ASA
  • Lesson 11: Enable IKE on an Interface
  • Lesson 12: Configure IKE Policy
  • Lesson 13: Configure PSKs
  • Lesson 14: Choose Transform Set and VPN Peer
  • Lesson 15: Choose Traffic for VPN
  • Lesson 16: Configuring Site-to-Site VPN with Connection Profiles Menu
  • Lesson 17: Verify and Troubleshoot Basic Point-to-Point Tunnels on the Cisco ASA
  • Lesson 18: Overview of Cisco IOS VTIs
  • Lesson 19: Configure Static VTI Point-to-Point Tunnels
  • Lesson 20: Verify Static VTI Point-to-Point Tunnels
  • Lesson 21: Configure Dynamic VTI Point-to-Point Tunnels
  • Lesson 22: Verify Dynamic VTI Point-to-Point Tunnels
  • Lesson 23: Overview of Cisco IOS DMVPN
  • Lesson 24: DMVPN Solution Components
  • Lesson 25: GRE
  • Lesson 26: NHRP
  • Lesson 27: DMVPN Operations
  • Lesson 28: Types of Authentication
  • Lesson 29: Configure DMVPN on Hub
  • Lesson 30: Configure DMVPN on Spoke
  • Lesson 31: Configure Routing in DMVPN
  • Lesson 32: Verify DMVPN
Module 3: Deploying Cisco IOS Site-to-Site FlexVPN Solutions
  • Lesson 1: FlexVPN Overview
  • Lesson 2: Public Key Infrastructure (PKI)
  • Lesson 3: Site-to-Site VPN Topologies
  • Lesson 4: FlexVPN Architecture
  • Lesson 5: FlexVPN Configuration Overview
  • Lesson 6: FlexVPN Capabilities
  • Lesson 7: IKEv2 vs. IKEv1 Overview
  • Lesson 8: IKEv2 Message Exchange
  • Lesson 9: IKEv2 DoS Prevention
  • Lesson 10: IKEv1 and IKEv2 Comparison
  • Lesson 11: FlexVPN Use Cases
  • Lesson 12: Point-to-Point FlexVPN
  • Lesson 13: FlexVPN Configuration Blocks
  • Lesson 14: IKEv2 Profile
  • Lesson 15: Smart Defaults
  • Lesson 16: Manipulating Default Values
  • Lesson 17: Negotiating IKEv2 Proposals
  • Lesson 18: Point-to-Point VPN Scenario with IPv4 Static Routes
  • Lesson 19: Configure and Verify Point-to-Point VPN with IPv4 Static Routes
  • Lesson 20: Point-to-Point VPN Scenario with OSPFv3
  • Lesson 21: Configure and Verify Point-to-Point VPN with OSPFv3
  • Lesson 22: Enroll Devices to ECDSA PKI
  • Lesson 23: Configure Router for ECDSA
  • Lesson 24: Configure ASA for ECDSA
  • Lesson 25: Verify EC Key Pairs and Certificates
  • Lesson 26: Verify IKEv2 SA
  • Lesson 27: Verify IPsec SA
  • Lesson 28: Verify Point-to-Point FlexVPN (just flowchart and important show/debug command output)
  • Lesson 29: Cisco IOS FlexVPN
  • Lesson 30: IKEv2 Configuration Payload
  • Lesson 31: Locally Managed Hub-and-Spoke Scenario
  • Lesson 32: Configure a Spoke in a Hub-and-Spoke Scenario
  • Lesson 33: Configure a Hub in a Hub-and-Spoke Scenario
  • Lesson 34: Configuration Exchange
  • Lesson 35: Verify and Troubleshoot Hub-and-Spoke FlexVPN
  • Lesson 36: Spoke-to-Spoke Shortcut Scenario
  • Lesson 37: NHRP in FlexVPN
  • Lesson 38: onfigure and Verify a Spoke in a Spoke-to-Spoke Shortcut Scenario
  • Lesson 39: Configure and Verify a Hub in a Spoke-to-Spoke Shortcut Scenario
  • Lesson 40: RADIUS-Managed FlexVPN Scenario
  • Lesson 41: Verify Spoke-to-Spoke Shortcut Switching
  • Lesson 42: Troubleshoot Spoke-to-Spoke Shortcut Switching (just flowchart and important show/debug command output) 
Module 4: Deploying SSL VPNs
  • Lesson 1: SSL VPN Components
  • Lesson 2: SSL/TLS
  • Lesson 3: Overview of group policies and connection profiles
  • Lesson 4: Basic Cisco Clientless SSL VPN
  • Lesson 5: Solution Components
  • Lesson 6: Configure ASA gateway
  • Lesson 7: Configure basic authentication
  • Lesson 8: Configure access control (including URL entry and bookmarks)
  • Lesson 9: Verify basic clientless SSL VPN
  • Lesson 10: Troubleshoot basic clientless SSL VPN
  • Lesson 11: Deploying Application Access options (plug-ins, smart tunnels)
  • Lesson 12: Configure and verify plugins
  • Lesson 13: Troubleshoot plugins and smart tunnel
  • Lesson 14: Advanced Authentication in Cisco Clientless SSL VPN Solution Components
  • Lesson 15: Configure and verify Certificate based Authentication
  • Lesson 16: Configure and Verify External Authentication
  • Lesson 17: Troubleshoot Advanced Authentication in Clientless SSL VPN
Module 5: Deploying Cisco AnyConnect VPNs
  • Lesson 1: IP Address assignment
  • Lesson 2: Split Tunneling
  • Lesson 3: Basic Cisco AnyConnect SSL VPN
  • Lesson 4: Solution Components
  • Lesson 5: SSL VPN Server Authentication
  • Lesson 6: SSL VPN Clients Authentication
  • Lesson 7: SSL VPN Clients IP Address Assignment
  • Lesson 8: SSL VPN Split Tunneling
  • Lesson 9: Configure Basic Cisco Authentication
  • Lesson 10: Configure Access Control
  • Lesson 11: Verify and Troubleshoot Basic Cisco AnyConnect SSL VPN
  • Lesson 12: DTLS Overview
  • Lesson 13: Parallel DTLS and TLS Tunnels
  • Lesson 14: Configure DTLS
  • Lesson 15: Verify DTLS
  • Lesson 16: Cisco AnyConnect Client Configuration Management
  • Lesson 17: Cisco AnyConnect Client Operating System Integration Options
  • Lesson 18: Cisco AnyConnect Start Before Logon
  • Lesson 19: Cisco AnyConnect Trusted Network Detection
  • Lesson 20: Configure, Verify, and Troubleshoot Cisco AnyConnect Start Before Logon and Cisco AnyConnect Trusted Network Detection
  • Lesson 21: AnyConnect Support for IPSec/IKEv2
  • Lesson 22: Configure a Cisco AnyConnect IPsec/IKEv2 VPNs on a Cisco ASA Adaptive Security Appliance
  • Lesson 23: Verify and Troubleshoot Cisco AnyConnect IPsec/IKEv2 VPNs on Cisco ASA
  • Lesson 24: Cisco AnyConnect Advanced Authentication Scenarios
  • Lesson 25: External Authentication
  • Lesson 26: Certificate-Based Server Authentication
  • Lesson 27: Configure and Verify Certificate-Based Client Authentication
  • Lesson 28: SCEP Proxy Overview
  • Lesson 29: SCEP Proxy Connection Flow
  • Lesson 30: SCEP Proxy Configuration Procedure
  • Lesson 31: Configure SCEP Proxy
  • Lesson 32: Verify SCEP Proxy
  • Lesson 33: Local Authorization Overview
  • Lesson 34: Local Authorization Scenario
  • Lesson 35: Local Authorization Configuration Procedure
  • Lesson 36: Configure Local Authorization
  • Lesson 37: External Authentication and Authorization Scenario
  • Lesson 38: Configure External Authentication and Authorization
  • Lesson 39: Troubleshoot Advanced Authentication and Authorization in Cisco AnyConnect VPNs
  • Lesson 40: Accounting
Module 6: Endpoint Security and Dynamic Access Policies
  • Lesson 1: Cisco HostScan Overview
  • Lesson 2: Cisco HostScan Prelogin Assessment
  • Lesson 3: Install Cisco HostScan
  • Lesson 4: Configure Prelogin Criteria and Prelogin Policy
  • Lesson 5: Configure Host Scan Endpoint Assessment
  • Lesson 6: Configure Host Scan Advanced Endpoint Assessment
  • Lesson 7: DAP Overview
  • Lesson 8: Integrating DAP with Host Scan
  • Lesson 9: Configuring DAP
  • Lesson 10: Verifying and Troubleshooting DAP

LAB OUTLINE

  • Lab 2-1 Implement Site to Site Secure Connectivity on Cisco ASA
  • Lab 2-2 Objective: Implement a Cisco IOS static VTI point-to-point tunnel
  • Lab 3-1: Implement Site-to-Site Secure Connectivity Using Cisco IOS FlexVPN
  • Lab 3-2: Implement Hub-to-Spoke Secure Connectivity Using Cisco IOS Flex VPN
  • Lab 3-3: Implement Spoke-to-Spoke Secure Connectivity Using Cisco IOS Flex VPN
  • Lab 4-1 Objective: Implement Basic Cisco Clientless SSL VPN on Cisco ASA
  • Lab 4-2 Objective: Application Access clientless SSL
  • Lab 4-3 Objective: Advanced AAA Clientless SSL
  • Lab 5-1 Objective: Implement Basic Cisco AnyConnect SSL VPN on Cisco ASA
  • Lab 5-2: Implement Advanced Cisco AnyConnect SSL VPN on Cisco ASA
  • Lab 5-3: Configure Cisco AnyConnect IPsec/IKEv2 VPNs on Cisco ASA
  • Lab 5-4: Implement Advanced Cisco AnyConnect SSL VPN on Cisco ASA
  • Lab 6-1: Configure Hostscan and DAP for AnyConect SSL VPNs
Back to top

 

 

  IBM Partner
 
 
CompanyNewsOur CoursesScheduleAbout usCareersContact
ARP Technologies, All rights reserved - CALL US NOW : 1 866 450 6469 - CANADA US EUROPE
CISCO Certified Training : Your Expert Cisco, Call Center, VOIP Training Leader | Legal Notices Site created by : Distantia

 
Book your next course - click here ╗