Description

Implementing an Integrated Threat Defense Solution (SECUR201) is a 2-day instructor-led, lab-based, hands-on course, designed to help businesses implement and operate their Cisco Integrated Threat Defense solution. This lab-intensive course introduces you to Cisco’s Integrated Threat Defense solution with a focus on product integration. The skills you will learn include:
  • Integration of solution components with existing network services
  • Integration of solution components with the pxGrid framework
  • Integration of network- and endpoint-based malware protection
  • Observation of security data flow after introduction of malware

The course begins with an analysis of the current cybersecurity landscape and includes details on why networks today need an integrated threat defense architecture. You will integrate and verify proper operation of the key Cisco Integrated Threat Defense products, including Cisco Identity Services Engine (ISE), Cisco Stealthwatch, Cisco Firepower NGFW, and Cisco AMP for Endpoints. Verification includes the introduction of malware into the network to ensure proper identification, analysis, and quarantine. SECUR201 course combines lecture materials and hands-on labs that give you practice in configuring the solution integrations.

Objectives

After finishing this course, you will be able to:
  • Describe the current network security landscape and the Cisco Integrated Threat Defense (ITD) solution
  • Describe the key components of the ITD solution and their use in the network
  • Configure the ISE for a baseline of operation in the ITD solution
  • Configure the integration between the Stealthwatch and ISE platforms
  • Configure the integration between the Cisco Firepower and ISE platforms
  • Configure the integration between Cisco Firepower and AMP for Endpoints

Outline

The course contains these components:
  • Integrated Threat Defense Introduction
  • ITD Products
  • Identity Services Engine Setup
  • Integration of Stealthwatch with Identity Services Engine
  • Integration of Firepower with Identity Services Engine
  • Integration of Firepower with AMP for Endpoints

Lab Outline:
  • Lab: Connecting to the Lab Environment
  • Lab: Integrating ISE and Active Directory
  • Lab: ISE and ASA Integration
  • Lab: Configuring pxGrid and Client Certificates
  • Lab: Integrating Stealthwatch with Identity Services Engine
  • Lab: Integrating NVM with AnyConnect
  • Lab: Integrating Firepower with Identity Services Engine
  • Lab: Integrating AMP for Endpoints with Firepower

Prerequisite Knowledge

Cisco recommends that you have the following knowledge and skills before taking this course:
  • Technical understanding of TCP/IP networking and network architecture
  • Technical understanding of security concepts and protocols
  • Familiarity with Cisco ISE, Stealthwatch, Firepower, and AMP is an advantage