cisco logo color 2020

Managing Enterprise Security with Cisco Security Manager

The Managing Enterprise Security with Cisco Security Manager (SSECMGT) v4.0 course is a five-day instructor-led course that is aimed at providing network security engineers with the knowledge and...

Read More
$3,395 USD GSA  $2,907.56
Course Code SSECMGT-4-0
Duration 5 days
Available Formats Classroom
6119 Reviews star_rate star_rate star_rate star_rate star_half
Course Image

The Managing Enterprise Security with Cisco Security Manager (SSECMGT) v4.0 course is a five-day instructor-led course that is aimed at providing network security engineers with the knowledge and skills that are needed to configure and deploy Cisco Security Manager. The course also provides an overview of network security technologies, and includes case studies that are useful for deployment scenarios.

Skills Gained

Upon completing this course, the learner will be able to meet these overall objectives:

  • Present an overview of the Cisco Security Manager product, describe the main product features, and introduce the basic deployment tasks
  • Manage configuration of Cisco ASA adaptive security appliances and Cisco FWSM firewall devices, and explain firewall event management and device configuration correlation
  • Describe the most commonly used VPN topologies and their deployment
  • Examine the configuration of intrusion prevention mechanisms on the Cisco IOS platform, modules, and standalone appliances, as well as explain the Cisco IPS event and configuration correlation
  • Explain how Cisco Security Manager works with Cisco IOS devices, including the new Cisco ISR G2 routers
  • Describe the FlexConfig functionality of Cisco Security Manager, the workflow mode of operation, and administrative tasks and integration with Cisco Secure ACS

Who Can Benefit

The primary audience for this course is as follows:

  • Network security engineers that are working in the enterprise sector.

Prerequisites

The knowledge and skills that a learner must have before attending this course are as follows:

  • Cisco CCNP® Security certification:
  • a) Securing Networks with Cisco Routers and Switches (SECURE)
  • b) Deploying Cisco ASA Firewall Features (FIREWALL)
  • c) Deploying Cisco ASA VPN Solutions (VPN)
  • d) Implementing Cisco Intrusion Prevention System (IPS)
  • Understanding of networking and routing (on the CCNP level, but no certification is required).
  • Understanding of different VPN technologies (such as DMVPN, GET VPN, and SSL VPN).
  • Working knowledge of the Microsoft Windows operating system.

Course Details

Module 1: Cisco Security Manager Overview

Lesson 1: Introducing Cisco Security Manager

  • Product Overview
  • Using Cisco Security Manager
  • Installing Cisco Security Manager
  • Cisco Security Manager Installation Procedure
  • Working with the Cisco Security Manager User Interface
  • New Features in Cisco Security Manager 4.0

Lesson 2: Managing Devices

  • Preparing the Devices for Cisco Security Manager
  • Understanding the Device View
  • Adding Devices to Cisco Security Manager Inventory
  • Working with Devices with Dynamically Assigned IP Addresses
  • Understanding Device Properties
  • Understanding Device Credentials
  • Managing Devices
  • Understanding Device Grouping
  • On-Demand Out–of-Band Change Detection

Lesson 3: Managing Policies

  • Understanding Policies
  • Managing Policies in Device View
  • Managing Shared Policies in Policy View
  • Interface Roles
  • Advanced Policy Features
  • Policy Locking
  • Discovering Policies

Lesson 4: Managing Objects

  • Objects Overview
  • Understanding the Policy Object Manager Window
  • Overriding Global Objects for Individual Devices
  • Selecting Objects for Policies

Lesson 5: Using Map View

  • Understanding Maps
  • Displaying Your Network on the Map
  • Managing Firewall Services in Map View
  • Managing VPNs in Map View
  • Managing Device Policies in Map View

Module 2: Firewall Policy Management

Lesson 1: Managing Firewall Services

  • Overview of Managing Firewall Services
  • Managing Rules Tables
  • Understanding Access Rules
  • Understanding Access Control Settings
  • Understanding Inspection Rules
  • Understanding Access Rule Functions
  • Understanding AAA Rules
  • Understanding Web Filter Rules
  • Understanding Transparent Firewall Rules
  • Understanding Zone-Based Firewall Rules
  • Understanding Interface and Global Rules
  • Understanding Botnet Traffic Filtering

Lesson 2: Managing Firewall Devices

  • Platform Policies on Firewall Devices
  • NAT Policies on Firewall Devices
  • Bridging Policies on Firewall Devices
  • Device Administration Policies on Firewall Devices
  • Logging Policies on Firewall Devices
  • Multicast Policies on Firewall Devices
  • Routing Policies on Firewall Devices
  • Security Policies on Firewall Devices
  • Service Policy Rules on Firewall Devices
  • Security Contexts on Firewall Devices

Lesson 3: Event Monitoring and Rule Correlation for Firewalls

  • Supported Devices and Events in Event Viewer
  • EventServer Overview
  • Cisco ASA Device Bootstrapping
  • Introduction to Event Viewer
  • Event-to-Policy Correlation
  • Event Collection and Event Viewer Settings

Module 3: VPN Policy Configuration

Lesson 1: Managing VPNs

  • Overview of Site-to-Site VPNs
  • Working with VPN Topologies
  • Working with Site-to-Site VPN Policies
  • Configuring Advanced VPN Platforms

Lesson 2: Managing Remote Access IPsec VPNs

  • Overview of Remote-Access VPNs
  • Working with Policies in Remote-Access VPNs
  • Configuring VPN Options

Lesson 3: Configuring Client-Based SSL VPNs

  • SSL VPN Management Features and Platform Support
  • Overview of Remote-Access SSL VPNs
  • Bootstrapping Cisco ASA Adaptive Security Appliance for Full Tunnel SSL VPN
  • Configuring Full Tunnel SSL VPN

Lesson 4: Configuring Clientless SSL VPNs

  • Clientless SSL VPN Overview
  • Clientless SSL VPN Configuration
  • Working with Application Plug-Ins
  • SSL VPN Portal Customization

Lesson 5: Configuring Advanced VPN Configurations

  • Managing Cisco Security Desktop Policy
  • Configuring DAP
  • Creating Group Policies
  • Creating Remote Connection Profiles
  • Working with VPN AAA

Lesson 6: Deploying Advanced VPN Technologies

  • DMVPN Overview
  • Hub-and-Spoke Prerequisites
  • Configuring DMVPN
  • Managing DMVPN
  • GET VPN Overview
  • Configuring GET VPN
  • Managing GET VPN
  • GRE over IPsec
  • VPN Dial Backup
  • VRF-Aware IPsec
  • VPN High Availability

Module 4: Cisco IPS Solutions Management

Lesson 1: Managing Cisco IPS Services

  • Overview of Network Sensing
  • Configuring Interfaces
  • Configuring Signatures
  • Working with IPS Signatures
  • Configuring Anomaly Detection
  • Configuring Event Actions
  • Configuring Global Correlation

Lesson 2: Managing Cisco IPS Devices

  • Managing Cisco IPS Modules and Appliances
  • Configuring Policies for Cisco IOS IPS Devices
  • Managing Cisco IPS Updates

Lesson 3: Managing Cisco IPS Events

  • Cisco Security Manager IPS Event Management
  • Mapping IPS Events to Policies

Module 5: Cisco IOS Device Provisioning

Lesson 1: Managing Routers

  • Overview of Policy Management on Cisco IOS Routers
  • Working with Platform Policies for Cisco IOS Routers
  • NAT Policies
  • Interface Policies
  • Device Administration Policies
  • Configuring Device Administration Policies
  • Identity Policies
  • Logging and QoS Policies
  • Routing Policies
  • Advanced Routing Configuration Options
  • Zone-Based Firewall

Lesson 2: Using the Cisco Catalyst 6500 Series Switch and Cisco 7600 Series Router Device Manager

  • Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers Overview
  • Managing Policies for Catalyst 6500 Series Switches and 7600 Series Routers

Module 6: Management, Deployment, and Administration of FlexConfigs in Cisco Security Manager

Lesson 1: Managing FlexConfigs

  • Understanding FlexConfig
  • Creating FlexConfig Policy Objects
  • Working with FlexConfig

Lesson 2: Managing Activities and Workflow Deployments

  • Managing Activities
  • Working with Activities
  • Managing Deployment

Lesson 3: Implementing Integration Between Cisco Security Manager and Cisco Secure ACS

  • Understanding Roles in Cisco Security Manager
  • Understanding RBAC with Cisco Secure ACS
  • Configuring Cisco Secure ACS and Cisco Security Manager for RBAC Integration

Lesson 4: Backing Up and Restoring Cisco Security Manager Databases

  • Database Backup in Cisco Security Manager
  • Database Restore in Cisco Security Manager

Lesson 5: Using Monitoring, Troubleshooting, and Diagnostic Tools

Lab Outline

  • Lab 1-1: Configuring Device Bootstrap and Testing Connectivity
  • Lab 1-2: Importing Devices
  • Lab 1-3: Defining Interface Roles and Usage
  • Lab 1-4: Creating Policy Objects
  • Lab 2-1: Managing Firewall Policy—Policy Sharing
  • Lab 2-2: Managing Firewall Policy—Policy Inheritance
  • Lab 2-3: Configuring NAT and Inspecting Configuration Commands Prior to Deployment
  • Lab 2-4: Configuring Event Monitoring and Configuration Correlation for Firewalls
  • Lab 3-1: Managing SSL VPN Deployment Using Cisco AnyConnect
  • Lab 3-2: Managing Clientless SSL VPN Deployment
  • Lab 3-3: Managing DMVPN Deployment
  • Lab 3-4: Managing GET VPN Deployment
  • Lab 4-1: Configuring the Cisco IOS IPS
  • Lab 4-2: Configuring the Cisco IPS Module
  • Lab 4-3: Configuring Event Monitoring and Configuration Correlation for IPSs
  • Lab 5-1: Configuring the Cisco IOS Software Router
  • Lab 5-2: Managing DHCP Devices with the CiscoWorks Auto Update Server
  • Lab 6-1: Configuring FlexConfigs
  • Lab 6-2: Configuring Cisco Secure ACS and Cisco Security Manager Integration
Contact Us 1-800-803-3948
Contact Us
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward