Description

The Securing Industrial IoT Networks with Cisco Technologies (ISECIN) v1.0 is a 5-day instructor-led course that provides an overview of the IoT enabled industrial verticals (manufacturing, energy, O&G, utilities, process control), architectures, and IIoT security requirements, frameworks, and regulations. Security protocols, vulnerabilities, and the process of securing against the vulnerabilities are examined in depth and practiced in the hands-on lab environment.

This comprehensive training helps to prepare security professionals to defend and respond to ongoing attacks to critical IoT enabled infrastructures such as utilities, transportation and smart cities. Course topics provide best practices to secure, monitor and respond to ever-present attacks, including IoT security requirements, frameworks, and regulations; understanding and securing against vulnerabilities; utilizing Cisco TrustSec, next-generation firewalls (NGFW), and intrusion prevention systems (NGIPS) to secure IIoT networks. Training scope includes understanding the IoT framework, regulations, industrial protocols and standards, physical security and device hardening, zone/cell segmentations, vulnerabilities assessment and implementation of layered security.

Objectives

After finishing this course, you will be able to:
  • Understand the convergent enterprise and industrial IoT architecture, components and applications
  • Contrast enterprise IT vs. industrial OT security
  • Define layered security requirements from the network edge to the core, and from access to applications layer
  • Protect endpoints, communications as well as data at rest and in motion
  • Compliance to standards and regulations and auditing
  • Understand protocols, applications and IPv6 for IIoT
  • Identify vulnerabilities and threat
  • Familiarize with common implementation issues
  • Assess, monitor and detect vulnerabilities
  • Walk through IIoT attacks
  • Adopt best practices in design principles and process for securing and segmenting IIoT networks
  • Application of the converged security model for the broader industry: manufacturing, utilities, transportation, O&G
  • Secure and monitor/detect the IIoT framework with next generation security products and tools

Outline

The course contains the following components:
  • Describing Converged Enterprise and Industrial IoT Networks, Architectures, and Frameworks
  • Describing Industrial IoT Network Security Requirements
  • Describing Protocols Used in Converged Enterprise and Industrial IoT Networks
  • Analyzing IoT Vulnerabilities
  • Exploiting Vulnerabilities in Industrial IoT Networks
  • Describing the Process of Securing Industrial IoT Networks
  • Hardening Devices in Industrial IoT Networks
  • Implementing Network Infrastructure Security in Industrial IoT Networks
  • Describing the Characteristics of Cisco NGFWs in Industrial IoT Networks
  • Securing Communications in in Industrial IoT Networks Using Basic Cisco NGFW and Cisco NGIPS Features
  • Implementing Advanced Security Features on NGFW and NGIPS in Industrial IoT Networks
  • Using the Cisco TrustSec Solution in Industrial IoT Networks
  • Implementing VPN Solutions in Industrial IoT Networks
  • Describing the Industrial IoT Network Framework and Regulations
  • Bonus Content: Describing Physical Security in Industrial IoT Networks
  • Bonus Content: Monitoring Industrial IoT Networks
Lab outline:
  • Explore an Industrial IoT Network
  • Explore Industrial IoT Network Components and Identify Their Security Requirements
  • Analyze Layer 2 and Layer 3 Network Protocol Traffic in an Industrial IoT Network
  • Analyze Operations Technology Protocol Traffic
  • Explore Assets and Detect Vulnerabilities in an Industrial IoT Network
  • Insert a Rogue Device
  • Implement an Attack Against OT Assets
  • Analyze Attacks Against IoT Networks
  • Classify Assets and Identify Relationships Between Assets in Industrial IoT Network
  • Implement Device Hardening on Industrial Network Devices
  • Explore Network Infrastructure Security Features on Cisco Industrial Ethernet Switches
  • Explore Network Infrastructure Security Features on Cisco Industrial Ethernet Switches 2
  • Implement Cisco NGFWs in Routed Mode and in Transparent Mode in an Industrial IoT Network
  • Implement Access Control for Network Segments
  • Implement a Cisco FirePOWER Module with Basic Settings
  • Implement Advanced Access Control and OT Application Inspection for Network Segments
  • Implement IEEE 802.1X on Industrial Switches
  • Implement SGTs on Industrial Switches
  • Implement a Remote-Access VPN to Manage Industrial IoT Networks
  • Explore Industrial IoT Network Components and Identify the Applicable Security Standards and Regulations

Prerequisite Knowledge

It is highly recommended to have the following skills and knowledge before attending this course:
  • IP Networking Basics: INICS, ICND1 equivalent
  • OT Networking Basics: ICINS, IMINS or IMINS2
  • Network Security Basics: CCNA Security level of knowledge