Detailed Course Outline
Module 1: Security and Tool Essentials
- Tools and Traffic Sources
- Tool Types – Inline/Out-of-Band
- Choosing a Traffic Source
- Tap Selection and Placement
Module 2: Addressing Common Threats
- Review of Security Challenges
- Traffic Source Selection
- Threat Vectors
- Common Security Vulnerabilities
- Review of common threats
- Basic Data Taxonomy
- Democratization of Malware
- Example of an Advanced Persistent Threat (APT)
- What Can Be Done
- Courses of Action
- Ways to break a kill chain
- The new security model
Module 3: Security and Monitoring Tools & Types
- Tools, Tool Groupings and What Traffic They Need
- Security and Monitoring Tools
- Security Tools
- Supporting Security Tools
- Deploying Security Tools
- Out-of-Band Monitoring
- Inline Monitoring
- Inline/Out-of-Band Tool Impact
- Company Philosophy
- Tool Groupings and Arrangements
- Tool Redundancy Schemes
- Tool/group redundancy schemes
- Inline Tool Failover Schemes
- NAT/PAT Gateways
- Passive or Explicit
- Redundancy and Failover Schemes
- Networking Infrastructure Devices
- Traffic Forwarding
- Traffic Types
Module 4: Traffic Filtering
- Networking protocol usage
- Filtering Traffic
- Traffic sizing considerations
- Filtering Fundamentals
- Packet Sizes and uses
- Firewall Concepts
Module 5: Tool Sizing and Visibility Sizing
- Traffic Requirements/minimum # tool nodes/sizing
- Knowing When the Packet Access is Over-Subscribed
- Packet access Sizing – Traffic Volume
- Load sharing
Module 6: Gigamon Platform Architecture
- Installation and Setup (GigaVUE)
- Box Setup
- Port behaviors
- Basic Flow Mapping
Module 7: Traffic Intelligence - GigaSMART
- GigaSMART Application usage
- Highlighted GigaSMART Features – GigaSECURE
- GigaSMART Performance and Capacity
- GigaSMART sizing and restrictions
- GigaSMART processing dependencies
Module 8: Classic Inline Bypass
- Classic Inline Bypass data processing
- Configuration specifics and examples
Module 9: Flexible Inline Bypass
- Flexible Inline Bypass data processing
- GigaSMART involvement / configuration
Module 10: SSL Essentials
- Inline SSL decryption solution
- URL categorization and whitelisting
Module 11: Implementing Inline SSL Decryption
- Inline SSL configuration
- Gigamon specific support features
- Whitelisting support & configuration
Module 12: Virtualization and Cloud Technologies
- Virtual Machines Concepts
- Virtual Networking Concepts
- Cloud Architectures
- Cloud Visibility Challenges
- Solutions for Cloud Visibility
- OpenStack Multi-Tenant
- Amazon Web Services and Microsoft Azure
Module 13: GigaSECURE Cloud
- GigaSECURE Cloud Visibility Elements
- GigaSECURE for OpenStack, AWS, and Azure Deployments
- Identify the Requirements; Size the Solution
Module 14: Gigamon SECURE Cloud: Solution Configurations
- GigaSECURE Virtual Deployments
- GigaSECURE Cloud Deployments
- GigaSECURE Cloud: VSeries Appliance and Visibility Tier Deployments
Module 15: Gigamon Maintenance and Operations
- User management
- Product Upgrading and Updating
- System requirements & process details
- Clustering benefits
- Configuration of Clustering
Labs:
- Lab 1: Understanding Protocol Behaviors
- Lab 2: Wireshark Trace File Activity
- Lab 3: Trace File – HC2 Activity
- Lab 4: Chassis Port Setup and Prep
- Lab 5: GigaSMART Application: De-duplication
- Lab 6: GigaSMART Application: NetFlow Generation
- Lab 7: GigaSMART Application: Adaptive Packet Filtering
- Lab 8: GigaSMART Application: Application Session Filtering
- Lab 9: Trace File – SSL Activity
- Lab 10: GigaSMART Application: Passive SSL Decryption
- Lab 11: Classic Inline Bypass Configuration
- Lab 12: Email Flexible Inline Bypass Configuration
- Lab 13: GigaSMART Application: Inline SSL Decryption
- Lab 14: GigaVUE-VM
- Lab 15: Introduction to the Visibility Platform for AWS
- Lab 16: Design a Basic Architecture for Private Cloud
- Case Study: Design a Basic Architecture for VMware Private Cloud
- Case Study: Design a Basic Architecture for OpenStack Private Cloud
- Lab 17: Design a Basic Architecture for Public Cloud
- Case Study: Visibility Tools Located in the Enterprise Data Center
- Lab 18: Configuration Back Up and Restore
- Lab 19: Removing All Configurations
- Lab 20: H Series Clustering
- Lab 21: Port Behavior Setup
- Lab 22: Passall Configuration
- Lab 23: Simple Flow Map Configuration
- Lab 24: More Complex Flow Map Configuration with Rule Prioritization
- Lab 25: Shared Collector Configuration
- Lab 26: User-Defined Attribute Filter
- Lab 27: Tool Mirror
- Lab 28: Replication and Egress Filtering
- Lab 29: Hybrid Ports
- Lab 30: Tool GigaStream
- Lab 31: Port-Pair
- Lab 32: Snooping LLDP/CDP