Cisco
Implementing Cisco IP Telephony and Video, Part 2 (CIPTV2)
023
Implementing Cisco IP Telephony and Video Год издания: 2016 Автор: William Alexander Hannah, Akhil Behl Жанр или тематика: Foundation Learning Guide Издательство: Cisco Press ISBN: 978-1-58714-455-4 Язык: Английский Формат: PDF Качество: Отсканированные страницы + слой распознанного текста Интерактивное оглавление: Да Количество страниц: 494
Кто знает, тот успешен
Cisco
Скачать Официальное руководство Cisco по подготовке к сертификационным экзаменам CCNA ICND2 200-101
022
CCNA ICND2 200-101 Год издания: 2015 Автор: Wendell Odom / Уэнделл Одом Переводчик: В. Коваленко Жанр или тематика: Official Cert Guide Издательство: Вильямс ISBN: 978-5-8459-1907-6, 978-1-5871-4488-2 Серия: Cisco Press Core Series Язык: Русский Формат: PDF Качество: Отсканированные страницы + слой распознанного текста Интерактивное оглавление: Нет Количество страниц: 736

Кто знает, тот успешен
Cisco
Официальное руководство Cisco CCENT/CCNA ICND1 640-822 , 3-ье издание
012
Официальное руководство Cisco CCENT-CCNA ICND1 640-822 , 3-ье издание Год издания: 2013 Автор: Wendell Odom / Уэнделл Одом Переводчик: В.А. Коваленко Жанр или тематика: Official Certification Guide Издательство: Вильямс ISBN: 978-5-8459-1807-9 Серия: Cisco Press Core Series Язык: Русский Формат: PDF Качество: Отсканированные страницы + слой распознанного текста Интерактивное оглавление: Да Количество страниц: 706 Стоимость 800 рублей
Кто знает, тот успешен
Cisco
Pluralsight — Cisco CCNA Data Center Unified Fabric, UCS & Network Services
021
CBT Nuggets Производитель: Год выпуска: 2014 Продолжительность: 6:11:00 Тип материала: Видеоурок Язык: Английский Стоимость: 1999 рублей Описание: The CCNA Data Center covers a wide range of technologies found in the data center. In this course, we dive deep into the concepts of unified fabric with the FCoE protocol, along with complimentary technologies found in the data center bridging extensions such as Priority-based Flow Control (PFC) and Enhanced Transmission Selection (ETS). We'll then move on to the Cisco UCS platform, spending time reviewing the products and solutions within the UCS stack, while also taking the time to do a full initial setup and configuration in the lab. Finally, we'll go over the Nexus 1000v switch - including an install and configure lab - and how virtualization impacts the data center.
Кто знает, тот успешен
Cisco
Introducing Cisco Data Center Networking (640-911)
016
CBT Nuggets Производитель: Год выпуска: 2014 Продолжительность: 12:11:00 Тип материала: Видеоурок Язык: Английский Стоимость: 1999 рублей Описание: This Cisco video training with trainer Anthony Sequeira covers Data Center networking technologies, including topics such as network layer addressing, LAN switching, routing, and more. Related area of expertise: Cisco Data Center Recommended skills: Familiarity with the Windows or MAC operating system Ability to use the Internet and its related functions such as web browsing and email
Кто знает, тот успешен
Cisco
Cisco CCNA 640-875 SPNGN1
028
CBT Nuggets Производитель: Год выпуска: 2014 Продолжительность: 14:35:53 Тип материала: Видеоурок Язык: Русский Стоимость: 1999 рублей Описание: This Cisco video training course with Jeremy Cioara covers networking concepts that are crucial to service provider architecture, including the OSI Model, switch and router functionality, IOS, network services, and more. Related area of expertise: Cisco Service Provider Recommended skills: Basic computer skills Basic understanding of network functionality
Кто знает, тот успешен
Cisco
CCNA Security 640-554 Video Boot Camp With Chris Bryant
014
CBT Nuggets Производитель: Год выпуска: 2014 Продолжительность: 12:11:00 Тип материала: Видеоурок Язык: Английский Стоимость: 1999 рублей Описание: упакованы в лабораториях с помощью Cisco Configuration Professional, Cisco IOS Firewall, и многое другое, вы будете готовы к работе для достижения успеха в комнате для исследований и реальный мир после того, как вы принять этот курс CCNA Security учебный курс! [wpspoiler name="Подробное описание" ] 01 - Cisco Password Review, Lab, and Real-World Password Discussion 02 - Cisco Password Configuration and Encryption Lab 03 - Network Time Protocol Discussion 04 - NTP Lab With CCP 05 - CCNA Security Video Exam - NTP 06 - Telnet and SSH Discussion 07 - Telnet Lab 08 - SSH Lab 09 - SNMP 10 - Logging and Timestamps Discussion and Command-Line Lab 11 - Logging CCP Lab 12 - Views Discussion, Lab Begins 13 - Conclusion of 'Views' Lab 14 - TCP Intercept 15 - CISCO IOS Resilient Configuration Discussion and Lab 16 - CISCO IOS Resilient Configuration Video Practice Exam 17 - VLAN Review, VLAN Hopping 18 - Lab - Disabling DTP On Live Trunks 19 - BPDU Guard Discussion and Lab 20 - Root Guard Discussion and Lab 21 - Port Security Discussion 22 - Port Security Lab 23 - DHCP Snooping Discussion and Lab 24 - Dynamic ARP Inspection Discussion 25 - Dynamic ARP Inspection Lab 26 - CCP Introduction, Prerequisites, and Discussion 27 - CCP Walkthrough 28 - CCP User Profiles Lab 29 - CCP Template Creation Lab 30 - CCP Security Audit and One-Step Lockdown Lab 31 - Bonus Lab - Autosecure 32 - CCP Wrapup and Real-World Word of Warning 33 - AAA Fundamentals, Authentication Discussion 34 - RADIUS VS TACACS 35 - Method Lists Discussion and Walkthrough 36 - AAA Lab - Don't Lock Yourself Out 37 - AAA Lab - Banners and Prompts 38 - Configuring AAA with CCP (And Bonus CCP Section) 39 - ACL Fundamentals 40 - Standard and Extended ACLS 41 - Named ACLS 42 - Filterinng VTY Line Traffic with ACLS 43 - Where To Put ACLS In Your Network 44 - Blocking Pings With ACLS 45 - Sequence Number Introduction 46 - Sequence Numbers In Action 47 - Creating ACLS with CISCO Configuration Professional 48 - Removing ACLS with CISCO Configuration Professional 49 - Time-Based ACLS 50 - Intro to IPS and IDS 51 - Anomaly and Reputation Signatures, Risk Ratings Intro 52 - CCP Lab - Installing SDEE, IPS Wizard, and Signatures 53 - Editing SDF Signatures 54 - The Monitor Window 55 - Second Verse, Not Same as the First 56 - CISCO IPS Risk Ratings Explained PDF 57 - What Are VPNS 58 - Intro to Cryptographic Algorithms 59 - RSA and DES Discussion 60 - The RSA Process and the Certificate Authority 61 - An Illustrated Look at Digital Signatures 62 - More Certificate Authority 63 - Intro to SCEP and OCSP 64 - Introduction to IP SEC 65 - IPSEC Security Agreements and More 66 - Site-to-Site VPN Lab 67 - SSL Client Discussion 68 - SSL Wizards Walkthrough 69 - Cryptography Warning 70 - Intro to Firewalls and Best Practices 71 - Stateless and Stateful Firewalls 72 - Intro to CISCO Zone-Based Firewalls 73 - IP Addresses for Firewall Wizard Labs 74 - Basic Firewall Wizard Lab Starts 75 - Basic Firewall Lab Concludes 76 - Advanced Firewall Wizard Lab Begins 77 - Advanced Firewall Wizard Lab Concludes 78 - Examining Class Maps, Policy Maps, and Service Policies 79 - NAT And PAT Refresher and Config With CCP 80 - ASA Theory and Fundamentals 81 - ASDM Tour 82 - ASDM Firewall Defaults and Configs 83 - Security Policy Starters 84 - Risk Analysis and Management 85 - The Cisco NFP Theorem 86 - IP Version 6 Fundamentals and Best Practices [/wpspoiler]
Кто знает, тот успешен
Cisco
Cisco Virtual Internet Routing Lab (VIRL)
144
CBT Nuggets Производитель: Год выпуска: 2014 Продолжительность: 03:08:16 Тип материала: Видеоурок Язык: Английский Стоимость: 1999 рублей Описание: Cisco VIRL (Virtual Internet Routing Lab) is the personal edition of Cisco Modeling Labs. VIRL’s designed to provide students and network engineers with a platform to emulate various Cisco operating systems including IOS, IOS XR, and NX-OS in an easy to use GUI. Recommended skills: Familiarity with Cisco IOS and various computer operating systems Use of the internet and its related tools such as Telnet, WWW, and email Recommended equipment: Host system must be able to access the internet periodically Four CPU cores and 8GB of DRAM. More resources allows for larger simulations Intel VT-x / EPT or AMD-V / RVI virtualization extensions present and enabled in the BIOS 50GB of free disk space for installation VM Maestro User Interface client requires Java JRE 6+ to be installed VMware Fusion Pro v5.02 or later (including v6.x or v7.x) or VMware Workstation v8.04 or later (including v9.x and 10.x) or VMware Player v5.02 or later*** (including v6.x) or ESXi 5.1 / 5.5 using the vSphere Client: ESXi 5.1U2 (Build 1483097) or ESXi 5.5U1 (Build 1623387)**** Related certifications: Cisco Certified Network Associate (CCNA) Cisco Certified Network Professional (CCNP) Cisco Certified Internetwork Expert (CCIE) Cisco Certified Design Expert (CCDE) Related job functions: Systems admin Network admin Network operations analyst Network technician Network design expert Cisco VIRL is making a huge buzz in the industry. In this course, you will learn its critical features and how to use the product. Whether you are evaluating VIRL for your studies or network analysis, or you already have the product and want to ensure you can utilize it, this course will provide what you need. [wpspoiler name="Подробное описание" ] 1. What is VIRL? (00:05:35) Not sure exactly what Cisco VIRL is, and what it can do for you? Then this Nugget is a must. 2. Emulators vs. Simulators (00:04:52) Is there a difference? Yes, yes, there is. 3. VIRL Versions (00:04:15) What are the various versions of VIRL and how do they differ? 4. VIRL Requirements (00:07:13) What hardware and software do we need in place to install and run VIRL? Find out in this Nugget! 5. Installing VIRL (00:17:54) This Nugget details and demonstrates the installation of Cisco VIRL. 6. Validating the VIRL Installation (00:02:37) Did the install process go smoothly? Are you ready to successfully use VIRL? Find out how to verify all of this in this Nugget. 7. VMware ESXi Installation (00:38:05) In this Nugget, Scott Morris demonstrates his installation of VIRL on ESXi in a VMware vSphere environment. 8. Installing VM Maestro (00:10:40) The GUI for controlling Cisco VIRL is called VM Maestro. In this Nugget, you learn how to install and troubleshoot this installation. 9. Touring VM Maestro (00:08:31) There are lots of panes to be found in the VM Maestro GUI. What do they all mean? Learn all that, and watch a basic workflow example in this critical Nugget. 10. Creating a New Project and Topology (00:08:34) In this Nugget, watch Anthony demonstrate how simple it is to create a working topology in VIRL. 11. Using Your Own Telnet Client (00:03:52) In this Nugget, Anthony demonstrates how to use your own Telnet and SSH client with the VIRL simulator. This is a must if your plan on using VIRL to practice key router configurations. 12. Performing a Non-Disruptive Upgrade (00:10:56) Great news! Cisco will be updating VIRL to fix bugs and add features. In this Nugget, watch as Anthony walks you through version verification and a non-disruptive upgrade of VIRL and the VM Maestro client. 13. Practicing with Unconfigured Devices (00:06:03) In this Nugget, Anthony demonstrates how simple it is to practice with nonconfigured devices in VIRL. 14. Creating a Simple Preconfigured Simulation (00:09:45) In this Nugget, watch as Anthony creates and customizes a dual stack EIGRP-connected simple topology. 15. Creating More Complex Topologies (00:07:20) VIRL is excellent at helping you pre build more complex configurations. 16. Using Visualizations (00:04:41) VIRL is great at building diagrams of your configurations! 17. Exploring the NX-OS (00:10:20) Yes, you can experiment with basic NX-OS features. This Nugget walks you through this. 18. Working with Device Configurations (00:09:16) In this Nugget, Anthony Sequeira demonstrates how to export configurations, modify them on the fly, and import them into VIRL. 19. Using Sites and Servers (00:05:28) In this Nugget, Anthony Sequeira trains you how to use sites in VIRL in order to make larger topologies more logical and hierarchical. This Nugget also shows how to implement servers in your simulations. 20. Connecting to External Networks (00:08:27) Want your simulation to reach out to the local host machine and beyond? This Nugget is for you. 21. More Information (00:03:52) Looking for more information on Cisco VIRL? Like breaking news or exciting new features? Check out this video, and ultimately, Anthony's blog at ajsnetworking.com - here you get just the important latest stuff, and can get your VIRL questions answered quickly. [/wpspoiler]
Кто знает, тот успешен
Cisco
Cisco CCNP Routing and Switching 300-101 Route
012
CBT Nuggets Производитель: Год выпуска: 2014 Продолжительность: 08:12:56 Тип материала: Видеоурок Язык: Русский Стоимость: 1999 рублей Описание: This Cisco video training course with Jeremy Cioara covers the material needed for the 300-101 Cisco ROUTE exam with real-world experience and gobs of technical content packed together in one. Recommended skills: Basic understanding of concepts taught in ICND1/ICND2 Recommended equipment: GNS3 v1.x Cisco IOS image (12.x or 15x) supported by GNS3 Optional: Cisco VIRL, live gear (three 2621XM routers are ideal) or simulators/emulators supporting the technology in the lab may be used instead of GNS3 v1.x. Related certifications: Cisco CCNP Routing and Switching Cisco CCIE Routing and Switching Related job functions: Network technician Network engineer The worldwide network landscape is continually changing with new technologies being introduced continually. The new revision of the Cisco ROUTE exam is the most information packed addition to the CCNP curriculum experienced to date! By the time you're done watching, you'll be ready to configure routing protocols at a master level; grasp the big-picture of worldwide Cisco network design; fill in plenty of “knowledge gaps” left by the CCNA on routing protocols; and confidently sit for the 300-101 exam. [wpspoiler name="Подробное описание" ] 1. Welcome: Course Overview and Cisco Certification (00:13:37) If you've just opened the Cisco ROUTE course, start here! In this opening Nugget, Jeremy walks through the Cisco Certification programs (answering many common questions) and gives you the tools you need to maximize your experience as you progress through the course. 2. Intro: Technology Connecting Offices (00:23:26) A route is only as good as the two OSI layers below it! In this Nugget, Jeremy discusses the multiple ways to connect offices in the modern world (MetroEthernet, MPLS, Packet switching, DMVPN, etc...) which lays the foundation for the routes you will build in the rest of the course. 3. Intro: A Focus on GRE and DMVPN (00:32:57) GRE and DMVPN represents a "gap" in knowledge for most network engineers; many have heard the terms but never fully understood the concept. In this Nugget, Jeremy does a masterful job of cramming together concept and configuration in one action-packed adventure. 4. Intro: Routing Protocol Choices (00:11:44) It's time to transition from the physical topology connections into the logical routing world! In this Nugget, Jeremy reviews the "big picture" of routing and covers the high-level view of the four protocols we will discuss in this course: RIP, EIGRP, OSPF, and BGP. 5. Intro: IPv6 Review and RIPng (00:25:48) Reviewing IPv6 is similar to smashing your face on a grassy hill?!? Yes, this will make sense once you watch this Nugget. In here, you'll review IPv6 addressing types, communication types, and configuration (with a little RIPng thrown in for fun!). 6. EIGRP: Overview, Communication, and Neighbors (00:27:50) If EIGRP was a sports car... we would drive it! Join Jeremy in this Nugget as he explores the intricacies of the EIGRP protocol. You will learn the advantages of EIGRP over other protocols, the terminology (feasible successor, active routes, etc...), the neighbor relationship process, and the EIGRP metric calculation (K-Value formula)! 7. EIGRP: Base Configuration (00:09:34) In this Nugget, Jeremy configures a basic, 3-site EIGRP network discussing the best practices around the "network" and "auto-summary" commands. 8. EIGRP: Summary Routes (00:09:35) In this Nugget, Jeremy walks through the quickest way to do summarization (backing out binary digits on a subnet mask) and implements it in an existing EIGRP-based network. 9. EIGRP: Security (00:12:06) By default, EIGRP is the friendliest routing protocol in town, forming neighbor relationships with anyone speaking the same "autonomous system language." In this Nugget, Jeremy walks through the addition of security to the EIGRP process through passive interfaces and authentication. 10. EIGRP: L2 and L3 MPLS Design (00:08:19) MPLS has replaced Frame Relay as the "darling of the industry" connection type. In this Nugget, Jeremy discusses the best practice design for implementing EIGRP over a L2 or L3 MPLS architecture. 11. EIGRP: Frame Relay Design (00:12:24) Yes, Frame Relay IS still around! In this Nugget, Jeremy does a masterful job of reviewing Frame Relay at "ninja-speed," and then dives into the considerations for running EIGRP over Frame Relay. 12. EIGRP: Frame Relay Point-to-Point Configuration (00:11:14) Join Jeremy in a fast-paced Nugget demonstrating the configuration of EIGRP over Frame Relay using a point-to-point design. 13. EIGRP: Frame Relay Multipoint Configuration (00:12:09) Join Jeremy in a fast-paced Nugget demonstrating the configuration of EIGRP over Frame Relay using a multipoint design. 14. EIGRP: Stub Routing (00:08:17) Everyone say it with me! Stub, stub, and stub. Yes, it's an odd word to say, but it is a key feature to controlling EIGRP query messages! In this Nugget, Jeremy unpacks the EIGRP Stub feature concepts and configuration. 15. EIGRP: Load Balancing (00:05:58) Load balancing is pretty awesome, but with EIGRP, it gets even better! EIGRP is the only routing protocol that allows you to implement unequal cost load balancing, which Jeremy demonstrates quite well in this Nugget. 16. EIGRP: IPv6 Configuration (00:06:02) Is there anything easier than setting up EIGRP for IPv4? Yes, setting it up for IPv6! In this Nugget, Jeremy walks through just how simple EIGRP can be. 17. EIGRP: Named Configuration (00:05:55) It's the new "IOS-XR-like" flavor of EIGRP configuration: EIGRP Named Configuration! Join Jeremy as he reviews the changes from classic EIGRP. 18. OSPF: Understanding Core OSPF Design (00:08:38) OSPF design is all based around the concept of "areas," key dividing points in your network. In this Nugget, Jeremy weaves through a description of multi-area configurations, area border routers (ABRs), autonomous system boundary routers (ASBRs), and virtual links. 19. OSPF: OSPF Neighbor Relationships - The Nitty Gritty (00:10:47) Understanding the "how" behind OSPF neighbor relationships is an element that separates the average and excellent network engineers. In this Nugget, Jeremy discusses the process (and potential breakdowns) behind the OSPF neighbor relationship. 20. OSPF: DR/BDR Relationships, Neighbor States, and SPF Algorithm (00:18:34) Get ready to have the "puzzle pieces come together" as Jeremy hits some of the core principles of OSPF operation: DR/BDR election, Neighbor communication and states, and SPF Algorithm (how OSPF generates a routing table). 21. OSPF: Implementing Summarization on ABRs and ASBRs (00:12:16) In OSPF, summarization capabilities are restricted to two specific router types: ABR and ASBR. In this Nugget, Jeremy demonstrates how to implement summarization on each one. 22. OSPF: Special Area Types (00:14:09) Stub? Totally stubby? Not-so-stubby? Are these really technical terms? Indeed they are! Join Jeremy through a whirlwind of concept and configuration as you learn the OSPF special area types. 23. OSPF: Virtual Links (00:06:31) Save the Hi-Chew Candy Corporation! In this Nugget, Jeremy walks through the concept and configuration of OSPF Virtual Links to bring Hi-Chew Australia into the fold. 24. OSPF: Configuring OSPFv3 (00:07:07) How do you configure OSPFv3 for IPv6? Does it support the same features? Is Jeremy getting old? The answers to all this and more are found in this Nugget! 25. Redistribution: Understanding Route Redistribution Concepts (00:11:22) Route redistribution can be awesome, but it can also blow up your network (which is why this is NOT a CCNA-level concept!). In this Nugget, Jeremy walks through the "what and why" behind route redistribution, and also addresses key filtering concepts such as prefix lists, route tagging, and adjusting the administrative distance. 26. Redistribution: Configuring Basic Redistribution (00:08:38) The Nugget title says it all: Jeremy performs a two-way redistribution between RIP and OSPF while at the same time making us very hungry for ham, steak, and eggs. 27. Redistribution: Filtering with Distribution Lists (00:08:21) Filtering routes during redistribution could save your network from a vicious routing loop. In this Nugget, Jeremy demonstrates how to combine the power of Access Control Lists (ACLs) with Distribution Lists to filter redistributed routes. 28. Redistribution: Prefix List Concepts (00:09:52) Prefix Lists are an alternative to using ACLs for filtering routes (used primarily with BGP). In this Nugget, you will learn prefix list concepts (they're a little weird at first) by working through multiple examples with Jeremy. 29. Redistribution: Route-map Concepts and Filtering (00:14:30) How are the Stay Puft Marshmallow Man and route maps similar? We guarantee this Nugget is the only place on the internet where you'll find the answer to that question. In this Nugget, you'll learn the basic concepts and syntax behind route-maps — and watch a demonstration of using route-maps to filter redistributed networks! 30. Redistribution: Configuring Redistribution with Prefix Lists (00:07:36) Prefix lists offer you the flexibility to match routes using a range of subnet masks rather than wildcard masking limitations of ACLs. In this Nugget, Jeremy walks through a very practical concept review and application of prefix lists in route filtering. 31. Path Control: Policy-Based Routing (00:14:36) You heard it here first: Policy-based Routing (PBR) is the No. 1 most powerful way you can influence traffic going through your Cisco router! In this Nugget, Jeremy walks through a practical illustration and demonstration of PBR for two clients choosing an exit ISP. 32. Path Control: Using IP SLA (00:16:09) In order to trigger the process of finding alternate routes, a router depends on link failure. However, with newer internet connections, those link failures may be difficult to detect. Never fear, IP SLA to the rescue! In this Nugget, Jeremy breaks down IP SLA concepts and walks through a fantastic configuration of configuring ISP redundancy with IP SLA. 33. BGP: Understanding Internet Connection Options (00:18:17) BGP is not for everyone. Actually, most people in the world should NOT run BGP! In this Nugget, Jeremy walks through the "typical" internet connections compared to BGP connections, reasons why you should or should not use BGP, and the key facts to know about BGP. 34. BGP: Understanding BGP Neighbor Relationships (00:22:53) Understanding the neighbor relationship process for ANY protocol is extremely valuable for the initial configuration and troubleshooting purposes. In this Nugget, Jeremy discusses the BGP neighbor formation process and messages and performs a configuration of BGP between two uplink service providers. 35. BGP: Understanding Key BGP Attributes (00:12:25) BGP attaches characteristics or "attributes" to each of its advertised routes which governs the reachability and quality of the route during the BGP route selection process. In this Nugget, Jeremy unpacks the mandatory and discretionary well-known attributes and explores the BGP route selection process. 36. Miscellaneous Protocols: Understanding and Configuring SNMPv3 (00:11:33) Minimize your distractions with this Nugget because it moves FAST (no double-speed required)! In this Nugget, Jeremy walks through the concepts and configuration of SNMPv3 on a Cisco router (even bringing in an SNMP management tool to demonstrate the monitoring capabilities). 37. Miscellaneous Protocols: Understanding and Configuring PPPoE (00:08:55) Ethernet is typically an "all access" medium. If you can plug into it, you're good! So what does a DSL carrier do when they have hundreds of subscribers plugging into their shared copper connections running the ethernet protocol? Add PPPoE-based authentication, of course! In this Nugget, Jeremy unpacks PPPoE concepts and presents a configuration snippet sure to move you in the right direction. 38. Miscellaneous Protocols: Cisco Easy Virtual Networking (EVN) (00:12:52) We have come to the mystical "Easy" Virtual Networking which claims to quickly and easily isolate your internal network environment... but is it really so easy? Join Jeremy as he unpacks this Cisco topic to explore the goal of EVN and take a look under the hood. [/wpspoiler]
Кто знает, тот успешен
Cisco
Cisco CCNP Security 300-209 SIMOS
023
CBT Nuggets Производитель: Год выпуска: 2014 Продолжительность: 09:13:56 Тип материала: Видеоурок Язык: Английский Стоимость: 1999 рублей Описание: This Implementing Cisco Secure Mobility Solutions (SIMOS) (300-209) course provides training on how to configure and implement a variety of Virtual Private Network (VPN) solutions on the Cisco ASA firewall and Cisco IOS software platforms. Topics include IKEv2, DMVPN, FlexVPN, GETVPN, and troubleshooting. Related area of expertise: Cisco security Recommended skills: CCNA Route/Switch and CCNA Security certification (or equivalent knowledge and skills) Knowledge of Microsoft Windows CCNA Security is a pre-requisite for the CCNP Security certification Recommended equipment: IOS that supports DMVPN, GETVPN and FlexVPN IOS and ASA that support IKEv2 Related certifications: CCNP Security. This course (SIMOS exam # 300-209) is part of the curriculum in the Cisco Certified Network Professional Security (CCNP© Security) certification Related job functions: Network Analyst Network Engineer Network Technician Network Designer Security Analyst Security Auditor Penetration Tester Security Architect Technical Manager In this course, you will learn how to implement and manage VPNs on Cisco routers and ASA firewalls. As part of your studies regarding VPNs, the course will include recommendations of specific videos from the CCNP Security VPN2.0 course. Viewing these additional videos are required for preparation for the new 300-209 certification [wpspoiler name="Подробное описание" ] 1. Welcome and Overview (00:06:36) In this Nugget, Keith discusses the prerequisites that enable you to get the most from this course, and shares some tips for you to get the most out of this VPN-focused course. 2. Naked DMVPN (00:43:40) Dynamic Multipoint VPNs (DMVPNs) are a great way to set up full-mesh connectivity with manually setting up n(n-1)/2 static tunnels. In this Nugget, Keith talks with you about the core pieces that make up DMVPNs, including Next Hop Resolution Protocol (NHRP), multipoint GRE tunnel interfaces, dynamic routing protocols, and more. Configuration and verification also is included in this video. Adding IPsec to the DMVPN is covered in the next Nugget. This video maps to "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 3. Protected DMVPN (00:32:17) IPsec can be added to the DMVPN topology (and usually is) to provide encryption, authentication, and data integrity services for the packets traveling between the mGRE interfaces on the DMVPN routers. This Nugget presumes the viewer has viewed the previous Nugget in this course, "Naked DMVPN," and has a basic CCNA Security-level understanding of IKEv1 (IKEv1 and other cryptographic fundamentals can be reviewed in the CCNA Security course, specifically the videos "Cryptography Essesntials" and "IPsec Site to Site VPNs", which are part of the CCNA Security course). This video maps to "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 4. TShoot DMVPN (00:37:23) "What could go wrong?" These are the famous last words of the technician who didn't learn to identify and correct problems that can cause a DMVPN network to fail. In this Nugget, you join Keith to diagnose, troubleshoot and correct multiple problems in an existing DMVPN network. This video maps to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 5. IKE Call Admission Control (00:25:17) A brute force IKE attack, or even a malfunctioning system making multiple requests, can place a heavy load on the router, which may result in a Denial of Service (DoS) attack. In this Nugget, Keith chats about how IKE Call Admission Control (CAC) can be used to limit the number of IKE sessions that can be negotiated and set up on the router. This video maps to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 6. VTI Site2Site VPNs (00:25:24) Virtual Tunnel Interfaces (VTIs) are a simpler method of creating IPsec Site to Site tunnels (compared to traditional Crypto Maps), and VTIs offer the benefit of placing specific policies to either encrypted or clear-text traffic that is going through an interface. This Nugget discusses VTIs, and then demonstrates the configuration and verification of a VTI based static Site-to-Site VPN. This video maps to the "Secure Communications" and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 7. Dynamic VTI Hub (00:23:54) Using a Dynamic Virtual Tunnel Interface (DVTI), we can avoid the manual creation of multiple tunnel interfaces on the hub, but instead create a virtual template, and have the router automagically use that template to create individual virtual access interfaces on demand for IPsec sessions between it and the remote routers. This video maps to the "Secure Communications," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 8. FlexVPN Site2Site (00:37:49) IKEv2 and the new methods of configuring the tunnels might take a bit of getting used to. In this Nugget, Keith helps ease that process by talking with you about the components of IKEv2 including policy, proposal, profile, and key ring. A demonstration of implementing IKEv2 on Cisco IOS is included as well. This video maps to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 9. FlexVPN DVTI (00:09:12) This Nugget explains some of the benefits of IKEv2, and demonstrates the conversion from a fixed tunnel interface to a virtual access interface using a virtual template and IKEv2. This video maps to the "Secure Communications," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 10. FlexVPN Smart Defaults (00:25:56) Smart defaults can be used to save configuration time, and may be customized for your needs. In this Nugget, Keith demonstrates the defaults for (and customization of) the IKEv2 proposal, IPsec transform-set and IPsec profile. This video maps to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 11. Certificate Install (00:29:19) In this Nugget, Keith walks you through configuring an IOS router as a Certificate Authority (CA), as well as other routers becoming CA clients that will authenticate and enroll with the CA (using Simple Certificate Enrollment Protocol, SCEP) — in preparation for using their certificates as part of rsa-sig authentication. This video maps to the "Secure Communications", and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 12. RSA-Sig IKEv2 Authentication (00:19:41) Using digital certificates, peers who have a a common trusted CA, can authenticate and use the peer's cert and public key to verify the peer's digital signatures for the authentication of the IKEv2 tunnel. In this Nugget, Keith demonstrates this IKEv2 implementation. Supporting files are contained in the NuggeLab download associated with this course. This video maps to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 13. DVTI IKEv2 Hub and Spoke RSA-Sig (00:16:56) This Nugget demonstrates how to implement and verify the following: Dynamic Virtual Tunnel Interface (DVTI) on the Hub, Static Tunnel Interfaces on the Spokes, and IKEv2 with RSA-Sig for authentication. Configuration files, including the full final configs, are in the NuggetLab files associated with this course. This video maps to the "Secure Communications," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 14. IKEv2 Pushing Policy (00:12:51) Adding network authorization and AAA can allows us to push policy down to VPN peers. This is implemented by creating a new (or modifying the default) IKEv2 authorization policy, and including that IKEv2 authorization policy in the IKEv2 profile. This video maps to the "Secure Communications," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 15. FlexVPN Clients (00:30:41) Setting up a spoke as a FlexVPN "Client" allows opportunities for additional features including multiple peers for fault tolerance, and the pushing of networks based on the IKEv2 authorization policy configured. In this Nugget, Keith walks you through reconfiguring the spoke routers to be FlexVPN clients. The use of the IKEv2 authorization profile also is demonstrated to advertise routes between the FlexVPN client and server. This video maps to the "Secure Communications," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 16. Spoke 2 Spoke FlexVPN (00:32:59) FlexVPN borrows the Next Hop Resolution Protocol (NHRP) from DMVPN to allow a hub and spoke topology to dynamically build spoke to spoke tunnels. The NuggetLab files contain all the configuration commands used in this video, along with the final working configuration for all four routers. This video maps to the "Secure Communications," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 17. FlexVPN Troubleshooting (00:20:18) In this Nugget, Keith walks you through a troubleshooting scenario, leveraging show commands and pings to isolate the problems in a FlexVPN network. This video maps to the "Troubleshooting, Monitoring, and Reporting Tools" section of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 18. GETVPN (00:50:45) Group Encrypted Transport VPN (GETVPN) overcomes the delays often associated with creating a spoke-to-spoke tunnel, as there are no formal IPsec tunnels created between group members. In this Nugget, Keith explains and then demonstrates the implementation and verification of GETVPN. This video maps to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 19. ASA 2 IOS IKEv2 (Site-to-Site IPsec VPN) (00:23:15) In this Nugget, Keith explains and demonstrates the configuration on the ASA to support both IKEv1 and IKEv2 site-to-site tunnels, as well as configuring a peer IOS router. The router demonstration includes IKEv1 first, with the verification commands to confirm it is working, and then IKEv2 and verification once again that it is working. This video maps to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 20. Verify and TShoot IPsec (00:07:29) In this Nugget, Keith demonstrates where to look inside ASDM to verify or configure the IPsec Site-to-Site configuration implemented from the CLI in the previous video. Note: The following three videos are from the CCNP Security VPN v2.0 course, and it's recommended that you watch them before watching the next Nugget in this course. ASA VPN Options Site to Site IPsec VPNs Troubleshooting IPsec Site-to-Site VPNs This video along with the 3 assigned videos map to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 21. RA VPNs (00:12:17) Remote Access (RA) VPNs play a critical role in secure mobility solutions. In this Nugget, Keith refers to some IOS VPN server documentation that may be useful for administrators of IOS based RA VPNs. This video includes an assignment of watching the following videos from the CCNP Security VPNv2.0 course: VPN Profiles and Policies; Implementing Clientless SSL VPNs; AnyConnect SSL VPNs; Smart Tunnels and Plugins; AAA VPN Authentication; Troubleshooting Clientless SSL VPNs; Troubleshooting AnyConnect Client SSL VPNs; Cisco Secure Desktop and DAP; High Availability VPNs; and VPN Pieces and Parts. These videos from the CCNP Security VPN v2.0 course are relevant for real-world experience, as well as the SIMOS 300-209 certification exam from Cisco. The list of assigned videos from this lesson also can be found in the NuggetLab files as a document named "Video Assignment.txt." This video, along with the assigned videos, maps to the "Secure Communications," "Troubleshooting, Monitoring, and Reporting Tools," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 22. AnyConnect Client Profile (00:14:24) Whoever thought an XML file could be so powerful? In this Nugget, Keith demonstrates how to modify an AnyConnect Client Profile (the .xml file) on the ASA, and have that profile be automatically downloaded to AnyConnect Clients when they connect. This is an effective way to modify the AnyConnect client profile of remote systems using the ASA as a central distribution point. This video maps to the "Secure Communications," "Troubleshooting," and "Secure Communications Architectures" sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). 23. Closing Thoughts (00:15:33) In this Nugget, Keith shares some tips for continued growth and success, along with some troubleshooting strategies. This video maps to the "Secure Communications" and "Troubleshooting," sections of Cisco's blueprint for Implementing Cisco Secure Mobility Solutions (SIMOS, 300-209). [/wpspoiler]
Кто знает, тот успешен