> > > SDCSE Detailed outline

Security in the DC: Architectures, TrustSec and ACI (SDCSE)

Course Description Schedule Course Outline

Detailed Course Outline

Positioning Security in the Data Center
  • Data Center trends and Solutions
  • Business Challenges
  • Security Challenges and priorities
  • Evolution of Traditional Data Center to cloud
Trends and Architecture
  • Evolution of Data Center architecture
  • Journey to the Cloud
  • DC traditional and evolving use cases
Evolution of Data Center Architecture
  • Security Building blocks (Segmentation)
  • VXLAN, DCI, LISP
  • Traditional Data Center to Application-Centric Infrastructure Security (ACIS)
Securing with ASA’s
  • Physical Firewalls: ASA 5585 Appliances
  • Virtualized ASA Firewall
  • Firewall Design Modes of Operation
  • ASA Failover
  • DC Scale Physical Firewalls with Clustering
  • Clustering features
  • Control and Data Interfaces
  • Packet flow through Cluster
  • Monitoring and Troubleshooting Clustering
Inter Data Centre (DC) Clustering
  • Split or Single Individual Mode Cluster
  • Extended Spanned Etherchannel Cluster
  • Split Spanned Etherchannel Cluster
Segmentation with TrustSec
  • TrustSec Relevancy to Data Center
  • How SGT/SGA Scales Policy Control
  • Policy Definition – ISE Policy Matrix
  • Use Cases for TrustSec in the Data Center
Threat Prevention
  • Firewall is not enough
  • IPS in Data Centers
  • What is FirePOWER™?
  • Firesight Management
  • Deployment Scenario
  • Cisco CVD Use Cases
  • ASA Cluster “Sandwich”
  • Nexus 7K EEM Scripts for SF Failure Monitoring
AMP add CTD and Cyber Security Insert


Virtualization
  • Common Virtualization Concerns
  • Virtualization Security
  • Managing Virtual Networking Policy
  • Cisco ASAv
Application-Centric Infrastructure Security (ACIS)
  • Centralized Policy Management and Automation
  • What is a REST API?
  • ASAv Flexible Licensing
  • vASA and vSwitch
  • Routed and Transparent Firewall
  • ASAv Deployment: Cloud Security FW+VPN
  • ASAv and VSG Compared
Comparing Cisco Virtual Firewalls
  • vIPS / vIDS
  • Journey to the Cloud “What can we do today to prepare for the cloud?”