DSACI v1.0 - Deploying Security in Cisco ACI

Networking/Server/Operating Systems
Schedules
Optional
  LearnITAnytime Online Subscription (1 Year Subscription - $195.00)
  IT Online Library (1 Year Subscription - $1595.00)
  Private Mentoring 3 Hours ($225)
Quantity
If quantity is more than 1, Please add all Attendees' Names /Voucher #/ Learning Credit below separated with a comma. If not specified, we will contact you prior to the class start date. Special Instructions

Description

Deploying Security in Cisco ACI is an instructor-led, lab-based, hands-on course that describes the how to implement secure Cisco Application Centric Infrastructure (ACI) operation, as well as how to integrate security services with the Cisco ACI Fabric.

You learn a brief overview of Cisco ACI architecture, including an examination of the Cisco Nexus 9000 Series Switches for data centers. Also, you have the opportunity to discover how to implement security mechanisms in the operational infrastructure with the Cisco ACI environment. You also explore the process for provisioning security services in Cisco ACI, including external Cisco Adaptive Security Appliance (ASA), Adaptive Security Virtual Appliance (ASAv) instances, and Cisco Firepower capabilities. is an instructor-led, lab-based, hands-on course offered by Cisco Learning Services. The course describes the how to implement secure Cisco Application Centric Infrastructure (ACI) operation, as well as how to integrate security services with the Cisco ACI Fabric.
This course combines lecture materials and hands-on labs throughout to make sure you are able to successfully deploy, configure, and maintain Cisco ACI security.

Objectives

The following objectives should be completed by the end of thsi course:

  • Basic Cisco ACI architecture and operation
  • Tenant security
  • Security domains
  • Secure fabric operation
  • Authentication, authorization, and accounting (AAA) integration
  • Microsegmentation
  • L4?L7 service graphs
  • Function profiles
  • External ASA device integration
  • ASAv appliance integration
  • Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS) integration

Prerequisites

Cisco recommends that you have the following prerequisite knowledge and skills:

  • Complete knowledge of Cisco networking
  • Data center and virtualization knowledge
  • Network and data center security skills

Who Should Attend

This course is designed for security-focused engineers, as well as traditional network and data center engineers tasked with security roles in a Cisco networking environment.

Targeted roles include:

  • Data center engineers
  • Technical support personnel
  • Network engineers
  • Security specialists

Outline

  • Module 1: Basics of Cisco ACI
    • Lesson 1: Cisco APIC Architecture and Operation
    • Lesson 2: Cisco ACI Logical Elements
  • Module 2: Security Built In to Cisco ACI
    • Lesson 1: Inherent Cisco ACI Security Mechanisms
    • Lesson 2: Securing the Cisco ACI Environment from Threats
  • Module 3: Security Services in Cisco ACI
    • Lesson 1: L4?L7 Services Key Concepts
    • Lesson 2: Security Appliances in Cisco ACI
    • Lesson 3: Deploying Cisco ASA in Cisco ACI
    • Lesson 4: Deploying Cisco ASAv in Cisco ACI
    • Lesson 5: Deploying Cisco FirePOWER NGIPS in Cisco ACI

Lab Outline

  • Lab 1: Exploring the Cisco ACI Fabric
  • Lab 2: Exploring the Cisco APIC
  • Lab 3: Configuring Cisco Secure Access Control System (ACS) Terminal Access Controller Access Control System+ (TACACS+) Integration
  • Lab 4: Configuring Cisco ACI L4L7 Service Insertion
  • Lab 5: Configuring a Firewall High-Availability Pair
  • Lab 6: Configuring and Inserting a Firewall High-Availability Pair in Routed Mode
  • Lab 7: Configuring and Inserting an ASAv in Transparent Mode
  • Lab 8: Configuring and Inserting a Virtual Cisco Firepower NGIPS in Inline Mode