CCIE Security Integrated

Why choose JNtech Networks for CCIE Security Integrated?

CCIE Security Integrated Program - CCNA Enterprise Infrastructure + CCN P Security + CCNP Enterprise Infrastructure+ Palo-Alto + F5 Loadbalancer + Checkpoint Training

CCIE security is one of the most demanded, highest-paid and prestigious IT networking certification in the world accepted globally. It is the highest level of the Cisco security track. The CCIE security integrated course is combo pack where aspirants may get hands-on training experience on CCNA Enterprise Infrastructure + CCNP Security + CCNP Enterprise Infrastructure+ Palo-Alto + F5 Loadbalancer + Checkpoint certifications at under one training program.

At the JNtech Networks Institute, you can get the largest pool of CCIE certified trainers who are industry experienced professionals. CCIE Security is the hottest IT career certification in the world and there are huge career opportunities for certified professionals. The major reason behind this opportunity is that there is a huge gap between the total numbers of CCIE certified professionals and industry demands.

It is our 100% job guarantee training program where any graduates may register for the course training. Graduates who are interested to make their career in the networking industry in security track either they are any graduates, BCA pass-outs, MCA students, last year graduate students may get enrolled for this program.

It is a specially designed training program where the candidate gets hands-on training on designing, implementing, configure, maintain and troubleshoot the network issues. You will learn basic to advanced level of network designing to network security altogether. This course is the best platform to have multiple skills, knowledge and in-depth concepts, including network designing + network implementation + network security.

JNtech Networks offer in-depth instructor-led / online training for all these courses with industry best trainers, 24*7 lab access to real Cisco devices, online virtual racks, smart classroom, one-to-one training session facilities. We provide high-quality training to the students with advanced and latest infrastructures.

After successful completion of CCIE security integrated course candidates will be able to design, install, configure, maintain and troubleshoot the enterprise network using Cisco routers, switches, firewall and IPS devices.

Demo Classes

CCIE Security Integrated Course Duration

10 months (Weekdays)

12 Month (Weekend)

Course Content

Training Mode

Instructor Led Training/Online Training

Classroom Training

On Demand Training

Fee of CCIE Security Integrated Course

FeeIndian StudentsInternational Students
Course FeeRs. 1,05,000 INR$1600 USD

Prerequisite

There is Completion of BTech ,BCA ,MCA or Polytechnic as prerequisite.

CCIE Security Integrated Course Outline/Syllabus

  1. Describing the role and function of network components (Routers, L2 and L3 switches, Next-generation firewalls and Servers).
  2. Describing the Characteristics of network topology architectures (2 tier, 3 tier, Spine-leaf, WAN, SOHO, On-premises, and cloud).
  3. Configuring and verifying IPv4 addressing and subnetting, IPv6 addressing and prefix and describing some wireless principles like Non-overlapping Wi-Fi channels, SSID, RF, Encryption.
  4. Comparing physical interface and cabling types along with Identification to interface and cable issues like collisions, errors, mismatch duplex, and/or speed.
  5. Verifying IP parameters for Client OS (Windows, Mac OS, and Linux) and explaining virtualization fundamentals and some switching concepts.
  6. Configuring and Verifying Layer 2/Layer 3 discovery protocols and Ether Channel (LACP) and describing AP and WLC management access connections (Telnet, SSH, HTTP, HTTPS, Console, and TACACS+/RADIUS).
  7. Introduction to components of WLAN (AP, WLC, access/trunk ports, and LAG): Getting familiar with WLAN creation, security settings, QoS profiles, and advanced WLAN settings.
  8. Understanding, configuring and troubleshooting routing protocols for IPV4 and IPV6. Topics like OSPFv2 (single-area), Routing protocol metric and components of routing table are covered.
  9. Understanding, configuring and troubleshooting layer 3 protocols like Frame Relay, HDLC, PPP, NAT, etc.
  10. Introduction to MPLS and forwarding per-hop behavior (PHB) for QoS such as classification, marking, queuing, congestion, policing, shaping. Understanding IP services like DHCP, DNS, SNMP, Netflow, FHRP, TFTP/FTP, and NTP.
  11. Defining and describing key security concepts, security program elements and some wireless security protocols (WPA, WPA2, and WPA3).
  12. Understanding, configuring and troubleshooting layer 2 security features DHCP snooping, dynamic ARP inspection, and port security & layer 3 security that is ACL (standard, extended, named), SSH and Secret password.
  13. Understanding how automation impacts network management and learn about Controller-based networking and its architecture.
  14. Learn the characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding) and recognizing the capabilities of configuration management mechanisms Puppet, Chef, and Ansible.

Available Training Mode :- Classroom Training & Virtual Training

Basic Switching

  • Switch administration
  • Layer 2 protocols
  • VLAN technologies
  • EtherChannel
  • Spanning Tree Protocol

Routing Concepts

  • Administrative distance 
  • VRF-lite 
  • Static routing 
  • Policy Based Routing 
  • VRF-aware routing with any routing protocol 
  • Route filtering with any routing protocol 
  • Manual summarization with any routing protocol 
  • Redistribution between any pair of routing protocols 
  • Routing protocol authentication
  • Bidirectional Forwarding Detection

EIGRP

  • Adjacencies
  • Best path selection
  • Operations
  • EIGRP load balancing
  • EIGRP Named Mode
  • Optimization, convergence and scalability

OSPF (v2 and v3)

  • Adjacencies
  • Network types, area types
  • Path preference
  • Operations
  • Optimization, convergence and scalability

BGP

  • IBGP and EBGP peer relationships
  • Path selection
  • Routing policies
  • AS path manipulations
  • Convergence and scalability
  • Other BGP features

Multicast

  • Layer 2 multicast
  • Reverse path forwarding check
  • PIM

Cisco SD Access

  • Design a Cisco SD-Access solution
  • Cisco SD-Access deployment
  • Segmentation
  • Assurance

Cisco SD-WAN

  • Design a Cisco SD-WAN solution
  • WAN edge deployment
  • Configuration templates
  • Localized policies (only QoS)
  • Centralized policies

MPLS

  • Operations
  • L3VPN

DMVPN

  • Troubleshoot DMVPN Phase 3 with dual-hub
  • Identify use cases for FlexVPN

Security and Services

  • Device Security on Cisco IOS XE
  • Network Security
  • System Management
  • Quality of Service
  • Network Services
  • Network optimization
  • Network operations

Automation and Programmability

  • Data encoding formats
  • Automation and scripting
  • Programmability

 

Module 1 :- Firewall

Cisco ASA Overview

  • Firewall Overview
  • Firewall Techniques
  • Stateless Packet Filtering
  • Stateful Packet Filtering

Cisco ASA Product Family

  • Introducing the Cisco ASA 5500-X Series NGFW
  • Introducing the Cisco ASAv
  • Difference between UTM and NGFW

Cisco ASA Features

  • Using the CLI
  • Using the Cisco ASDM
  • Understanding Factory default configuration
  • Working on the configuration files

Cisco ASA Firewall Interfaces

  • Configuring Physical interfaces
  • Configuring Vlan interfaces
  • Redundant Interface
  • Configuring Interface Security Parameters
  • Naming the interface
  • Security Level
  • Assigning the IP Address

Cisco ASA IP Connectivity

  • Configuring the Static Routing
  • Routing with EIGRP
  • Routing with OSPF
  • Routing with BGP
  • Verifying the routing Table
  • Configuring the SSH and Telnet
  • Configuring HTTP/S

Cisco ASA NAT (Network Address Translation)

  • Understanding the NAT
  • Methods of NAT
  • Inside NAT
  • Outside NAT
  • Implementation of NAT
  • Auto NAT
  • Manual NAT
  • Types of NAT
  • Static
  • NAT
  • PAT
  • Dynamic
  • NAT
  • PAT
  • Twice NAT
  • Identity NAT

Cisco ASA ACL

  • Inside/ Outside ACL.
  • Object GROUP ACL.
  • Life of a Packet on the Cisco

Cisco ASA Modes

  • Transparent Mode
  • Routed Mode

Cisco ASA Context

  • Admin Context
  • System Context
  • User Context
  • Deployment Guide

Cisco High Availability

  • ASA Failover
  • Active/Standby
  • Active/Active
  • Verifying failover Operations
  • Clustering ASA firewallWireshark Capture

MODULE 2 :- VPN

Cryptography Overview

  • Hash Algorithm
  • Encryption Overview
  • Cryptanalysis
  • Symmetric Encryption Algorithm
  • Asymmetric Encryption Algorithm
  • Digital Signatures
  • PKI Overview
  • PKI Operations

Fundamentals of VPN Technologies and IPSec

  • What is VPN
  • Introduction of Ipsec Terminology
  • VPN Types
  • Ipsec Features
  • Confidentiality, Integrity, Availability and Anti-Replay.
  • IPSec Protocols: – IKE, ESP and AH
  • IKE Modes
  • IKE Phases
  • NAT-T
  • Security Associations and Components
  • How to configure cisco IOS as CA

Site to Site VPN  ROUTER AND ALSO ON CISCO ASA

  • What is Site-to Site VPN
  • Wireshark Capture
  • GRE
  • Gre over IPSec
  • Site-to-Site VPN Labs

Deploying DMVPN

  • DMVPN Overview
  • DMVPN Terminologies
  • NHRP
  • MGRE
  • DMVPN Working
  • DMVPN Advantages and Limitations
  • DMVPN Phase 1, 2 and 3
  • DMVPN Labs
  • DMVPN Redundancy – Dual Hub DMVPN Deployment

Remote Access VPN

  • Remote Access VPN Introduction
  • Remote Access VPN modes
  • Client Mode Software
  • Client Mode Hardware
  • Remote Access with DVTI
  • Remote Access Working
  • Remote Access Labs

Deploying Clientless SSL VPN

  • SSL VPN Overview
  • SSL Handshake
  • SSL VPN Modes
  • Clientless and Thick Client
  • SSL VPN Working
  • SSL VPN Labs

Deploying Anyconnect VPN

  • Anyconnect Overview
  • Connection Policies
  • Group Policies
  • Split Tunnelling
  • Client Profile
  • Anyconnect Image Upload

GET VPN

  • GET VPN
  • GET VPN Terminologies
  • GDOI
  • Key Server (KS)
  • KEK (Key Encryption Key)
  • TEK (Traffic Encryption Key)
  • Rekey Process (Unicast and Multicast)
  • Group Member (GM)
  • GET VPN Lab and Working

Flex VPN

  • Introduction and Working IOS Flex VPN
  • Flex VPN Labs

MODULE 3 :- ISE

Introducing Cisco ISE Architecture and Deployment

  • Security challenges
  • Cisco ISE solutions Use Cases
  • Secure Access Control
  • ISE function
  • ISE deployment components
  • Context visibility
  • ISE Personas
  • ISE Licensing
  • Infrastructure Components
  • Identity Source

Fundamentals of AAA

  • AAA
  • Radius Overview
  • Radius Messages
  • AV Pair
  • IEEE 802.1x Primer
  • EAP
  • Types of EAP
  • Tunnel EAP
  • EAP-FAST
  • PEAP
  • EAP-TLS
  • Non-Tunnel EAP
  • EAP-MD5
  • MSCHAP
  • EAP GTC
  • Host Mode
  • Deployment of 802.1x

Bootstrap Network Access Devices

  • Radius Commands
  • AAA Commands

Introduction to ISE GUI

  • AD overview and configuration
  • Admin Access
  • Administrative Work
  • Certificate in ISE
  • Personas
  • Probes for ISE
  • Backup/Restore
  • Maintenance

Configuring Authentication and Authorization Policy

  • Dot1x Authentication and Authorization
  • MAB Authentication and Authorization
  • AP Authentication and Authorization
  • Device Administration

Configuring Posturing and Profiling

  • Posturing
  • Profiling of Devices

Cisco TrustSec and Its Component

  • SGT/SGN Tagging
  • Classification
  • Propagation
  • Inline
  • SXP
  • Enforcement ACL

Miscellaneous Topics

  • Configuring the Cisco WLC and AP via GUI and CLI

Cisco VPN Authentication

  • Cisco Anyconnect VPN authentication from ISE

Troubleshooting ISE

  • Radius Live Log
  • Diagnostic Validator
  • Logs Management
  • Radius Messages with Attribute Type

MODULE 4 :- NGFW

Cisco NGFW

  • What is NGFW and UTM
  • Components of NGFW
  • Introduction of the SourceFire and Snort Rules
  • Cisco Acquisitions
  • FTD, NGIPS
  • Off Box Management and On Box Management
  • FMC and FDM GUI
  • Licensing on the FMC
  • Registration of FMC with FTD and NGIPS
  • Configuration of the Sensor Interface
  • Configuring NAT and Routing

MODULE 5 :- WSA

WSA/ESA

  • Describe the Cisco WSA
  • Install and verify the WSA
  • Deploy proxy services for the WSA
  • WCCP Services and Transparent Proxy
  • Utilize authentication with the WSA
  • Configure various policies for the WSA
  • Enforce acceptable use using the WSA
  • Defend against malware
  • Configure data security
  • Perform Administration and Troubleshooting of WSA’s

MODULE 6 :- StealthWatch

Introduction to Netflow

  • Why we need Cisco StealthWatch
  • Components of StealthWatch
  • Advance Features of StealthWatch
  • Configuring the Stealthwatch Management Console
  • Using the Appliance Setup Tool with the SMC
  • Configuring the Stealthwatch Flow Collector

Module 1: Next-Generation Security Platform and Architecture

1-Basic-Terminology of Firewall
2.Introduction about Palo Alto Networks, Certifications, Next Gen Firewalls.
3-Firewall Technologies
4-About Palo Alto Networks
5.what is SP3 Architecture

Module 2: Virtual and Cloud Deployment

1-Install Palo Alto on VM
2-Install Palo Alto on EVE
3-Install Palo Alto in GNS3
4-CLI-Commands
5-Dashboard Tab

Module 3: Initial Configuration

1-PA Initial Configuration
2-DNS & NTP
3-Licenses and Updates
4-Dynamic Updates
5-Initial Working Lab
6-Interface Mgmt
7-Backup and Restore

Module 4: Interface Configuration

1.Interfaces PA
2.Firewall Zones
3.Intro to Routing
4.Virtual Routers (VR)
5.VS Static Routing
6.VS Default Routing
7.RIP-Lab
8.Securing Routing Protocols
9.OSPF-Lab

Module 5: Security Policies

1.Security Policy Concepts
2.Security Policy Basic Criteria
3.Security Policy Action
4.Shadows Rule
5.View Rules by Tag Group
6.Policy Optimizer

Module 6: NAT Policies

1.NAT-PA-Theory
2.NAT Topology
3.Source NAT Policy with Dynamic IP
4.Source NAT Static IP
5.Destination NAT Static IP
6.Destination NAT Port Forwarding
7.U-Turn-NAT

Module 7: App-ID

1.APP-ID
2.Application Window Details
3.Application Shifts
4.Dependent Applications
5.Implicitly Use Applications
6.Application Groups
7.Application Filters
8.Custom Application
9.Application Override
10.Application Updates

Module 8: Content-ID

1.Security Profiles-Intro
2.Antivirus Profile
3.Anti-Spyware Profiles
4.Vulnerability Protection Profiles
5.URL Filtering Profile
6.File Blocking Profiles
7.Security Profile Groups
8.DoS Protection Profile
9.Zone Protection Profile-Lab

Module 9: WildFire

1. WHAT IS Wildfire
2. WildFire Analysis Profile

Module 10: User-ID

1.User-ID-Theory
2.Captive Portal
3.LDAP Integration

Module 11: Decryption

Module 12: GlobalProtect

1.Remote-Access VPN GlobalProtect Theory and Lab.
2.GlobalProtect

Module 13: Site-to-SiteVPNs

1.VPN Concept
2.IPSec Protocols
3.VPN-Lab

Module 14: Monitoring and Reporting

1.Log Types
2.Syslog Server
3.NetFlow
4.SNMP
5.Packet-Capture
6.ACC Tab

Module 15: Active/Passive High Availability

1.WHAT IS High Availability
2.Active/Passive High Availability Lab

Module 16 : Next-Generation Security Practices

  • Introduction to checkpoint
  • GAiA Installation
  • Connecting security manager to Gateway
  • smart dashboard , policy and rules
  • NAT (network address translation )
  • Policy Management Database revision and backup
  • AD Integration
  • Identity Awareness and HTTPS Inspection
  • Application Awareness and Web filtering
  • Traffic monitoring
  • CLI , Basic Troubleshooting LAB
  • Site to Site IPSec VPN

Module-1 Installing & Initial Access

  •  BIG-IP LTM Overview
  •  Licensing and the setup utility
  • Installation and Setup Labs
  1. Lab Changing Initial IP Address.
  2. Lab Licensing The System
  3. Lab Setup Utility
  4. Lab Configuration Utility
  5. Lab Configuration Backup Utility
  • BIG-IP Hardware Platform
  • What’s outside BIG-IP
  • What’s Inside BIG-IP
  • Building block of F5

Module-2 Components

Nodes 

  • Lab using GUI
  • LAB using CLI

Pool

  • Lab using GUI
  • LAB using CLI

Pool Members

  • Lab using GUI
  • Lab using CLI

Virtual-server

  • Lab using GUI
  • LAB using CLI

Module-3 Load Balancing

  • Virtual Servers & Pools
  • Network Map
  • Load Balancing Modes
  • Configuring Load Balancing

         1. Load Balancing with Pool Members

         2. LAB using GUI & CLI

Module-4 Virtual-Server for IPV6

  • Ipv6 Virtual Server Configuration
  • IPv6 Virtual Server to IPv4 Backend Server Configuration

           1. LAB

Module-5 Monitors

  • Monitor Concepts
  • Monitor Configuration
  • Monitor Assignment
  • Monitor Status Reporting

          1. Labs Monitor

          2.Modified Lab Monitor

Module-6 Profile

  • Profile
  • Profile Types and Dependencies
  • Protocol Profile Types and Setting
  • Configuring Profiles
  • Configuring Parent And Child Profile

Module-7 Persistence

  • Persistence
  • Source Address Based Persistence

           1. LAB – Source Address Based Persistence

  • Destination Address Based Persistence

              2. LAB – Destination Address Based Persistence

  • Cookies Based Persistence

          3. LAB – Cookies Based Persistence

  • Object Management

              4. Disabled and Enable Members

Module-8 Processing SSL Traffic

  • SSL Termination/Initiation
  • SSL profile Configuration

         1. LAB Client SSL Termination

         2.LAB Server SSL Termination

Module-9 Configuration Project

  • Configuration Project
        1.  LAB Including all the Servers And Client & BIG-IP

Module-10 NATs and SNATs

  • NATs
         1. LAB NAT
  • SNAT
         2. LAB SNAT
  • Auto-map
    3. LAB Automap

Module-11 iRules

  • iRules Concepts
  • iRules Events
  • Types of iRules
  • Different Ways To Use iRules
  • iRule Editer
  • Configuring iRules

              1. LAB iRules

Module-12 Installation Of a Redundant BIG-IP

  • Redundant Pair Concept
  • Synchronization State and Failover
  • Redundant Pair Labs

           1. Lab Redundant Pair Setup
            2. Synchronization

  • Redundant Pair Communication

Module-13 High Availability

  • Requirements
  • Concept of High Availability
  • Fail-over Triggers
  • Fail-over Trigger Configuration

                  1. LAB

  • Fail-over Detection

                 2. LAB

Module-14 Maintaining & Troubleshooting BIG-IP LTM

  • Additional Tools And Resources
  • Logs
  • SNMP
  • iHealth
  • QKView
  • analytics
  • TCP Dumps
  • EUD
  • ASK-F5
  • BIG-IP Logging Method
  • BIG-IP Log Facilites

DROP YOUR ENQUIRY

Please Fill the Form for Best Course Enquiry