ASFE - Advanced Security for Field Engineers

Length: 5

Course Code: 5069

List Price: $2,895

TrainingPage Price: $2,822

TAP Eligible

TAP - Click to Save More The TrainingPage Total Access Pass (TAP) is the most cost-effective and flexible training discount program available.

Click Here for the Details!

View Dates & Enroll Online

Can't find what you're looking for? Let us find it for you.

Overview:

This course is designed exclusively for Cisco Channel Partners and Account Managers and prepares you for the Cisco Advanced Security Field Specialist exam (642-567 ASFE). Achieving Cisco Advanced Security Field Specialist certification demonstrates that you have the hands-on knowledge and skills necessary to install, configure, operate, and troubleshoot Network Admission Control (NAC) and Cisco Security Monitoring Analysis and Response System (CS-MARS). By applying operational knowledge of NAC and CS-MARS, the Cisco Advanced Security Field Specialist has the skills and knowledge needed to effectively identify, manage, and counter threats to secure networks.

This ASFE course covers claims and evidence identified for the new Cisco Advanced Security FE Specialization. Emerging network security threats, such as viruses, worms, and spyware, continue to plague customers and drain organizations of money, productivity, and opportunity. Cisco's Self-Defending Network solutions can dramatically improve the ability of the network to automatically identify, prevent, and adapt to security threats. In this course, you will learn how three innovative technologies from Cisco can secure your network.

Description:

1. Implementing Cisco NAC

Understanding Cisco NAC
Configuring Cisco Secure ACS for Cisco NAC
Configuring Cisco Routers for NAC
Configuring Cisco Switches for NAC
Configuring Cisco NAC Agents

2. Implementing CANAC

Introducing Cisco Clean Access
Introducing Cisco Clean Access Deployment Options
Configuring User Roles
Configuring External Authentication
Configuring DHCP
Implementing Cisco Clean Access Out-of-Band Deployment
Implementing Cisco Clean Access In-Band Deployment
Managing Switches and Routers
Implementing Cisco Clean Access on a Network
Implementing Network Scanning
Configuring the Cisco CAM to Implement Clean Access Agent on User Devices
Monitoring Cisco Clean Access Deployment
Administering Cisco Clean Access Manager

3. MARS Introduction and Installation

Cisco Security Monitoring, Analysis and Response System Overview
Adding Cisco Security and Network Devices into MARS Appliance
Adding Non-Cisco Security and Network Devices into MARS Appliance
Network Summary
Incident Investigation
Create Queries and Reports
Sending Notifications
MARS Rules
MARS Management
MARS System Maintenance
MARS Global Controller Overview

Agenda:

Lab 1: Configuring Cisco Secure ACS for Cisco NAC

Lab 2: Configure a Cisco Router as a NAD

Lab 3: Verify Clientless Hosts

Caution Lab 4: Manually Install Cisco Trust Agent

Lab 5: Configure a Cisco Switch as a NAD

Lab 6: Configuring a Trend Micro Policy Server

Lab 7: Prepare the Cisco CAM to Support Web-based Administration Console Configuration

Lab 8: Configure User Roles

Lab 9: Adding a Cisco CAS to the Cisco CAM

Lab 10: Configure SNMP, Switch, and Port Profiles

Lab 11: Configure Network Scanning

Lab 12: Configure Cisco Clean Access Agent

Lab 13: Install the MARS Appliance

Lab 14: Adding Reporting Devices into MARS appliance

Lab 15: Generating Summary Reports

Lab 16: Incident Investigation

Lab 17: Creating Custom Reports

Lab 18: Creating Rules

Audience:

Cisco Channel Partner and Account Managers who are preparing for their Cisco Advanced Security Field Specialist exam

Objectives:

Introduce Cisco NAC components and posture validation process flow
Procedures required to configure and administer Cisco Secure ACS for Cisco NAC
Commands required to configure and administer a Cisco router for use as a Cisco NAC Network Access Device
Commands required to configure and administer a Cisco switch for use as a Cisco NAC Network Access Device
Processes required to configure and administer Cisco NAC agents
CANAC solution and various CCA deployment options
Configure User Roles, external authentication, and DHCP for CANAC deployments
Implement Cisco Clean Access Out-of-Band deployment
Manage switches and routers for CANAC deployments
CANAC implementation options: In-Band deployment, CCA on Network, Network Scanning, and CCA on user devices
Use CANAC Manager to monitor operational information for CCA deployment, including information on user activity, syslog events, and network configuration changes
Use Administration Module of the CANAC Manager to configure internal administration settings, such as its interface addresses, DNS servers, and other network information
MARS solution, features, and functions
Given MARS software and hardware appliance, cover the basic physical installation process
Add reporting devices into MARS appliance
Configure security devices to generate interesting events that constitute an attack scenario and have MARS collect the interesting events for incident investigation
Attack mitigation and false positive confirmation in context to MARS appliance
Configure appliance to perform incident investigation and attack mitigation
Create, view, and save a long-duration query and reports on the MARS appliance
Configure the MARS appliance to send an alert
Configure a rule (or rules) that detect interesting patterns of network activity and other anomalous network behavior
Use management features in the MARS appliance to assign event, addressing, service, and user information
Configure hardware maintenance chores such as viewing audit trail, data archiving, hot swapping hard drives, and upgrading software on MARS appliance
Provide overview of MARS Global Controller

View Dates & Enroll Online