SECUR201 - Implementing an Integrated Threat Defense Solution

This lab-intensive course introduces you to Cisco�s Integrated Threat Defense solution with a focus on product integration. The skills you will learn include:

Integration of solution components with existing network services

Integration of solution components with the pxGrid framework

Integration of network- and endpoint-based malware protection

Observation of security data flow after introduction of malware.

The course begins with an analysis of the current cybersecurity landscape and includes details on why networks today need an integrated threat defense architecture. You will integrate and verify proper operation of the key Cisco Integrated Threat Defense products, including Cisco Identity Services Engine (ISE), Cisco Stealthwatch , Cisco Firepower NGFW, and Cisco AMP for Endpoints. Verification includes the introduction of malware into the network to ensure proper identification, analysis, and quarantine. This course combines lecture materials and hands-on labs that give you practice in configuring the solution integrations.


After completing this course, you should be able to:

? Describe the current network security landscape and the Cisco Integrated Threat Defense (ITD) solution

? Describe the key components of the ITD solution and their use in the network

? Configure the ISE for a baseline of operation in the ITD solution

? Configure the integration between the Stealthwatch and ISE platforms

? Configure the integration between the Cisco Firepower and ISE platforms

? Configure the integration between Cisco Firepower and AMP for Endpoints


? Technical understanding of TCP/IP networking and network architecture

? Technical understanding of security concepts and protocols

? Familiarity with Cisco ISE, Stealthwatch, Firepower, and AMP is an advantage

Who Should Attend

? Systems and network engineers

? Technical architects

? Technical support personnel

? Channel partners and resellers


? Module 1: Integrated Threat Defense Introduction

? Module 2: ITD Products

? Module 3: Identity Services Engine Setup

? Module 4: Integration of Stealthwatch with Identity Services Engine

? Module 5: Integration of Firepower with Identity Services Engine

? Module 6 Integration of Firepower with AMP for Endpoints

Lab Outline

? Lab 1: Connecting to the Lab Environment

? Lab 2: Integrating ISE and Active Directory

? Lab 3: ISE and ASA Integration

? Lab 4: Configuring pxGrid and Client Certificates

? Lab 5: Integrating Stealthwatch with Identity Services Engine

? Lab 6: Integrating NVM with AnyConnect

? Lab 7: Integrating Firepower with Identity Services Engine

? Lab 8: Integrating AMP for Endpoints with Firepower