Description

The Deploying Security in Cisco ACI (DSACI) v1.0 is a 4-day instructor-led, hands-on course that introduces learners to implementation of the secure Cisco Application Centric Infrastructure (ACI) operation, as well as to integration of security services with the Cisco ACI Fabric.
This course provides learners with a brief overview of Cisco ACI architecture, including an examination of the Cisco Nexus 9000 Series Switches for data centers. Learners also have the opportunity to discover how to implement security mechanisms in the operational infrastructure with the Cisco ACI environment. On top of that learners explore the process for provisioning security services in Cisco ACI, including external Cisco Adaptive Security Appliance (ASA), Adaptive Security Virtual Appliance (ASAv) instances, and Cisco Firepower capabilities.

Choose date

Date
Lang.
Location
Price chage currency
Date: from 25.6.2019 to 28.6.2019 (Guaranteed date)
Language: English
Location: Online (CDT, UTC-05:00)
4000 $ Book now

Objectives

Upon completing this course, the learner will be able to meet these overall objectives:
  • Get familiar with basic Cisco ACI architecture and operation
  • Introduce tenant security
  • Deploy security domains
  • Configure secure fabric operation
  • Integrate authentication, authorization, and accounting (AAA)
  • Recognize microsegmentation
  • Understand L4–L7 service graphs
  • Deploy function profiles
  • Integrate external ASA device
  • Integrate ASAv appliance
  • Implement Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS) integration

Outline

The course contains these components:
  • Basics of Cisco ACI
    • Cisco APIC Architecture and Operation
    • Cisco ACI Logical Elements
    • Lab 1: Exploring the Cisco ACI Fabric
    • Lab 2: Exploring the Cisco APIC
  • Security Built In to Cisco ACI
    • Inherent Cisco ACI Security Mechanisms
    • Securing the Cisco ACI Environment from Threats
    • Lab 3: Configuring Cisco Secure Access Control System (ACS) Terminal Access Controller Access Control System+ (TACACS+) Integration
  • Security Services in Cisco ACI
    • L4–L7 Services Key Concepts
    • Lab 4: Configuring Cisco ACI L4–L7 Service Insertion
    • Security Appliances in Cisco ACI
    • Deploying Cisco ASA in Cisco ACI
    • Lab 5: Configuring a Firewall High-Availability Pair
    • Lab 6: Configuring and Inserting a Firewall High-Availability Pair in Routed Mode
    • Deploying Cisco ASAv in Cisco ACI
    • Lab 7: Configuring and Inserting an ASAv in Transparent Mode
    • Deploying Cisco FirePOWER NGIPS in Cisco ACI
    • Lab 8: Configuring and Inserting a Virtual Cisco Firepower NGIPS in Inline Mode

Prerequisite Knowledge

The knowledge and skills that a learner should possess before attending this course are as follows:
  • Complete knowledge of Cisco networking
  • Data center and virtualization knowledge
  • Network and data center security skills