Description

The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS) v1.0 is a 3-day instructor-led or virtual instructor-led advanced training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and TLS or SSL decryption. You will also learn about cloud integration with multiple cloud services providers and multiple use-cases.
Additionally, the lab will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows.

This course will help you introduce you to the security and cloud services available in Cisco SD-WAN and help you understand drivers, benefits, available features, and the architecture of Cisco SD-WAN integrated and distributed security and cloud networking services.

Objectives

After completing the course, you should be able to:
  • Describe Cisco SD-WAN security functions and deployment options
  • Understand how to deploy on-premises threat prevention
  • Describe content filtering options
  • Implement secure Direct Internet Access (DIA)
  • Explain and implement service chaining
  • Explore Secure Access Service Edge (SASE) and identify use cases
  • Describe Umbrella Secure Internet Gateway (SIG) and deployment options
  • Implement Cisco Umbrella SIG and DNS policies
  • Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365)
  • Discover how to use Cisco ThousandEyes to monitor cloud services
  • Configure Cisco ThousandEyes to monitor Microsoft 365 applications
  • Examine how to protect and optimize access to the software as a service (SaaS) application with Cisco SD-WAN Cloud OnRamp
  • Discover and deploy Cloud OnRamp for multi-cloud, including interconnect and collocation use cases
  • Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics.

Outline

Course outline:
  • Introducing Cisco SD-WAN Security
  • Deploying On-Premises Threat Prevention
  • Examining Content Filtering
  • Exploring Cisco SD-WAN Dedicated Security Options
  • Examining SASE
  • Exploring Cisco Umbrella SIG
  • Securing Cloud Applications with Cisco Umbrella SIG
  • Exploring Cisco SD-Wan ThousandEyes
  • Optimizing SaaS Applications
  • Connecting Cisco SD-WAN to Public Cloud
  • Examining Cloud Interconnect Solutions
  • Exploring Cisco Cloud OnRamp for Colocation
  • Monitoring Cisco SD-WAN Cloud and Security Solutions

Lab outline:
  • Configure Threat Prevention
  • Implement Web Security
  • Deploy DIA Security with Unified Security Policy
  • Deploy Service Chaining
  • Configure Cisco Umbrella DNS Policies
  • Deploy Cisco Umbrella Secure Internet Gateway
  • Implement CASB Security
  • Microsoft 365 SaaS Testing by Using Cisco ThousandEyes
  • Configure Cisco OnRamp for SaaS

Prerequisite Knowledge

Before taking this course, you should have a:
  • Basic understanding of enterprise routing
  • Basic understanding of WAN networking
  • Basic understanding of Cisco SD-WAN
  • Basic understanding of Public Cloud services

These recommended Cisco learning offerings may help students meet these prerequisites:
  • Implementing and Administering Cisco Solutions (CCNA)
  • Implementing Cisco SD-WAN Solutions (ENSDWI)
  • Cisco SD-WAN Operation and Deployment (SDWFND)