CCIE Security Integrated

Why choose JNtech Networks for CCIE Security Integrated?

CCIE Security Integrated Program - CCNA 200-301 + CCNP Security + Palo-Alto + Checkpoint Training

CCIE security is one of the most demanded, highest-paid, and prestigious IT networking certifications in the world accepted globally. It is the highest level of the Cisco security track. The CCIE security integrated course is a combo pack where aspirants may get hands-on training experience on CCNA 200-301+ CCNP Security + CCIE Security V6 + Palo-Alto + Checkpoint certifications at under one training program.

At the JNtech Networks Institute, you can get the largest pool of CCIE certified trainers who are industry experienced professionals. CCIE Security is the hottest IT career certification in the world and there are huge career opportunities for certified professionals. The major reason behind this opportunity is that there is a huge gap between the total numbers of CCIE certified professionals and industry demands.

It is our 100% job guarantee training program where any graduates may register for the course training. Graduates who are interested to make their career in the networking industry in the security track either they are graduates, BCA pass-outs, MCA students, last year graduate students may get enrolled for this program.

It is a specially designed training program where the candidate gets hands-on training on designing, implementing, configure, maintain and troubleshoot network issues. You will learn basic to advanced levels of network designing to network security altogether. This course is the best platform to have multiple skills, knowledge, and in-depth concepts, including network designing + network implementation + network security.

JNtech Networks offer in-depth instructor-led / online training for all these courses with industry best trainers, 24*7 lab access to real Cisco devices, online virtual racks, smart classroom, one-to-one training session facilities. We provide high-quality training to the students with advanced and latest infrastructures.

After successful completion of the CCIE security integrated course candidates will be able to design, install, configure, maintain and troubleshoot the enterprise network using Cisco routers, switches, firewalls, and IPS devices.

Demo Classes for CCIE Security Combo Training

CCIE Security Integrated Course Duration

6 months (Weekdays)

8 Month (Weekend)

Course Content

Training Mode

Instructor Led Training/Online Training

Classroom Training

On Demand Training

Training Schedule For CCIE Course

Month

Upcoming Batches

February 2024

13th February 2024

February 2024

24th February 2024

Fee of CCIE Security Integrated Course

Fee Indian Students International Students
Course Fee Rs. 1,25,000 INR $2100 USD

Prerequisite

There is Completion of BTech ,BCA ,MCA or Polytechnic as prerequisite.

CCIE Security Integrated Course Outline/Syllabus

  1. Describing the role and function of network components (Routers, L2 and L3 switches, Next-generation firewalls and Servers).
  2. Describing the Characteristics of network topology architectures (2 tier, 3 tier, Spine-leaf, WAN, SOHO, On-premises, and cloud).
  3. Configuring and verifying IPv4 addressing and subnetting, IPv6 addressing and prefix and describing some wireless principles like Non-overlapping Wi-Fi channels, SSID, RF, Encryption.
  4. Comparing physical interface and cabling types along with Identification to interface and cable issues like collisions, errors, mismatch duplex, and/or speed.
  5. Verifying IP parameters for Client OS (Windows, Mac OS, and Linux) and explaining virtualization fundamentals and some switching concepts.
  6. Configuring and Verifying Layer 2/Layer 3 discovery protocols and Ether Channel (LACP) and describing AP and WLC management access connections (Telnet, SSH, HTTP, HTTPS, Console, and TACACS+/RADIUS).
  7. Introduction to components of WLAN (AP, WLC, access/trunk ports, and LAG): Getting familiar with WLAN creation, security settings, QoS profiles, and advanced WLAN settings.
  8. Understanding, configuring and troubleshooting routing protocols for IPV4 and IPV6. Topics like OSPFv2 (single-area), Routing protocol metric and components of routing table are covered.
  9. Understanding, configuring and troubleshooting layer 3 protocols like Frame Relay, HDLC, PPP, NAT, etc.
  10. Introduction to MPLS and forwarding per-hop behavior (PHB) for QoS such as classification, marking, queuing, congestion, policing, shaping. Understanding IP services like DHCP, DNS, SNMP, Netflow, FHRP, TFTP/FTP, and NTP.
  11. Defining and describing key security concepts, security program elements and some wireless security protocols (WPA, WPA2, and WPA3).
  12. Understanding, configuring and troubleshooting layer 2 security features DHCP snooping, dynamic ARP inspection, and port security & layer 3 security that is ACL (standard, extended, named), SSH and Secret password.
  13. Understanding how automation impacts network management and learn about Controller-based networking and its architecture.
  14. Learn the characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding) and recognizing the capabilities of configuration management mechanisms Puppet, Chef, and Ansible.

Available Training Mode :- Classroom Training & Virtual Training

Module 1 :- Firewall

Cisco ASA Overview

  • Firewall Overview
  • Firewall Techniques
  • Stateless Packet Filtering
  • Stateful Packet Filtering

Cisco ASA Product Family

  • Introducing the Cisco ASA 5500-X Series NGFW
  • Introducing the Cisco ASAv
  • Difference between UTM and NGFW

Cisco ASA Features

  • Using the CLI
  • Using the Cisco ASDM
  • Understanding Factory default configuration
  • Working on the configuration files

Cisco ASA Firewall Interfaces

  • Configuring Physical interfaces
  • Configuring Vlan interfaces
  • Redundant Interface
  • Configuring Interface Security Parameters
  • Naming the interface
  • Security Level
  • Assigning the IP Address

Cisco ASA IP Connectivity

  • Configuring the Static Routing
  • Routing with EIGRP
  • Routing with OSPF
  • Routing with BGP
  • Verifying the routing Table
  • Configuring the SSH and Telnet
  • Configuring HTTP/S

Cisco ASA NAT (Network Address Translation)

  • Understanding the NAT
  • Methods of NAT
  • Inside NAT
  • Outside NAT
  • Implementation of NAT
  • Auto NAT
  • Manual NAT
  • Types of NAT
  • Static
  • NAT
  • PAT
  • Dynamic
  • NAT
  • PAT
  • Twice NAT
  • Identity NAT

Cisco ASA ACL

  • Inside/ Outside ACL.
  • Object GROUP ACL.
  • Life of a Packet on the Cisco

Cisco ASA Modes

  • Transparent Mode
  • Routed Mode

Cisco ASA Context

  • Admin Context
  • System Context
  • User Context
  • Deployment Guide

Cisco High Availability

  • ASA Failover
  • Active/Standby
  • Active/Active
  • Verifying failover Operations
  • Clustering ASA firewallWireshark Capture

MODULE 2 :- VPN

Cryptography Overview

  • Hash Algorithm
  • Encryption Overview
  • Cryptanalysis
  • Symmetric Encryption Algorithm
  • Asymmetric Encryption Algorithm
  • Digital Signatures
  • PKI Overview
  • PKI Operations

Fundamentals of VPN Technologies and IPSec

  • What is VPN
  • Introduction of Ipsec Terminology
  • VPN Types
  • Ipsec Features
  • Confidentiality, Integrity, Availability and Anti-Replay.
  • IPSec Protocols: – IKE, ESP and AH
  • IKE Modes
  • IKE Phases
  • NAT-T
  • Security Associations and Components
  • How to configure cisco IOS as CA

Site to Site VPN  ROUTER AND ALSO ON CISCO ASA

  • What is Site-to Site VPN
  • Wireshark Capture
  • GRE
  • Gre over IPSec
  • Site-to-Site VPN Labs

Deploying DMVPN

  • DMVPN Overview
  • DMVPN Terminologies
  • NHRP
  • MGRE
  • DMVPN Working
  • DMVPN Advantages and Limitations
  • DMVPN Phase 1, 2 and 3
  • DMVPN Labs
  • DMVPN Redundancy – Dual Hub DMVPN Deployment

Remote Access VPN

  • Remote Access VPN Introduction
  • Remote Access VPN modes
  • Client Mode Software
  • Client Mode Hardware
  • Remote Access with DVTI
  • Remote Access Working
  • Remote Access Labs

Deploying Clientless SSL VPN

  • SSL VPN Overview
  • SSL Handshake
  • SSL VPN Modes
  • Clientless and Thick Client
  • SSL VPN Working
  • SSL VPN Labs

Deploying Anyconnect VPN

  • Anyconnect Overview
  • Connection Policies
  • Group Policies
  • Split Tunnelling
  • Client Profile
  • Anyconnect Image Upload

GET VPN

  • GET VPN
  • GET VPN Terminologies
  • GDOI
  • Key Server (KS)
  • KEK (Key Encryption Key)
  • TEK (Traffic Encryption Key)
  • Rekey Process (Unicast and Multicast)
  • Group Member (GM)
  • GET VPN Lab and Working

Flex VPN

  • Introduction and Working IOS Flex VPN
  • Flex VPN Labs

MODULE 3 :- ISE

Introducing Cisco ISE Architecture and Deployment

  • Security challenges
  • Cisco ISE solutions Use Cases
  • Secure Access Control
  • ISE function
  • ISE deployment components
  • Context visibility
  • ISE Personas
  • ISE Licensing
  • Infrastructure Components
  • Identity Source

Fundamentals of AAA

  • AAA
  • Radius Overview
  • Radius Messages
  • AV Pair
  • IEEE 802.1x Primer
  • EAP
  • Types of EAP
  • Tunnel EAP
  • EAP-FAST
  • PEAP
  • EAP-TLS
  • Non-Tunnel EAP
  • EAP-MD5
  • MSCHAP
  • EAP GTC
  • Host Mode
  • Deployment of 802.1x

Bootstrap Network Access Devices

  • Radius Commands
  • AAA Commands

Introduction to ISE GUI

  • AD overview and configuration
  • Admin Access
  • Administrative Work
  • Certificate in ISE
  • Personas
  • Probes for ISE
  • Backup/Restore
  • Maintenance

Configuring Authentication and Authorization Policy

  • Dot1x Authentication and Authorization
  • MAB Authentication and Authorization
  • AP Authentication and Authorization
  • Device Administration

Configuring Posturing and Profiling

  • Posturing
  • Profiling of Devices

Cisco TrustSec and Its Component

  • SGT/SGN Tagging
  • Classification
  • Propagation
  • Inline
  • SXP
  • Enforcement ACL

Miscellaneous Topics

  • Configuring the Cisco WLC and AP via GUI and CLI

Cisco VPN Authentication

  • Cisco Anyconnect VPN authentication from ISE

Troubleshooting ISE

  • Radius Live Log
  • Diagnostic Validator
  • Logs Management
  • Radius Messages with Attribute Type

MODULE 4 :- NGFW

Cisco NGFW

  • What is NGFW and UTM
  • Components of NGFW
  • Introduction of the SourceFire and Snort Rules
  • Cisco Acquisitions
  • FTD, NGIPS
  • Off Box Management and On Box Management
  • FMC and FDM GUI
  • Licensing on the FMC
  • Registration of FMC with FTD and NGIPS
  • Configuration of the Sensor Interface
  • Configuring NAT and Routing

MODULE 5 :- WSA

WSA/ESA

  • Describe the Cisco WSA
  • Install and verify the WSA
  • Deploy proxy services for the WSA
  • WCCP Services and Transparent Proxy
  • Utilize authentication with the WSA
  • Configure various policies for the WSA
  • Enforce acceptable use using the WSA
  • Defend against malware
  • Configure data security
  • Perform Administration and Troubleshooting of WSA’s

MODULE 6 :- StealthWatch

Introduction to Netflow

  • Why we need Cisco StealthWatch
  • Components of StealthWatch
  • Advance Features of StealthWatch
  • Configuring the Stealthwatch Management Console
  • Using the Appliance Setup Tool with the SMC
  • Configuring the Stealthwatch Flow Collector

Module 1: Next-Generation Security Platform and Architecture

1-Basic-Terminology of Firewall
2.Introduction about Palo Alto Networks, Certifications, Next Gen Firewalls.
3-Firewall Technologies
4-About Palo Alto Networks
5.what is SP3 Architecture

Module 2: Virtual and Cloud Deployment

1-Install Palo Alto on VM
2-Install Palo Alto on EVE
3-Install Palo Alto in GNS3
4-CLI-Commands
5-Dashboard Tab

Module 3: Initial Configuration

1-PA Initial Configuration
2-DNS & NTP
3-Licenses and Updates
4-Dynamic Updates
5-Initial Working Lab
6-Interface Mgmt
7-Backup and Restore

Module 4: Interface Configuration

1.Interfaces PA
2.Firewall Zones
3.Intro to Routing
4.Virtual Routers (VR)
5.VS Static Routing
6.VS Default Routing
7.RIP-Lab
8.Securing Routing Protocols
9.OSPF-Lab

Module 5: Security Policies

1.Security Policy Concepts
2.Security Policy Basic Criteria
3.Security Policy Action
4.Shadows Rule
5.View Rules by Tag Group
6.Policy Optimizer

Module 6: NAT Policies

1.NAT-PA-Theory
2.NAT Topology
3.Source NAT Policy with Dynamic IP
4.Source NAT Static IP
5.Destination NAT Static IP
6.Destination NAT Port Forwarding
7.U-Turn-NAT

Module 7: App-ID

1.APP-ID
2.Application Window Details
3.Application Shifts
4.Dependent Applications
5.Implicitly Use Applications
6.Application Groups
7.Application Filters
8.Custom Application
9.Application Override
10.Application Updates

Module 8: Content-ID

1.Security Profiles-Intro
2.Antivirus Profile
3.Anti-Spyware Profiles
4.Vulnerability Protection Profiles
5.URL Filtering Profile
6.File Blocking Profiles
7.Security Profile Groups
8.DoS Protection Profile
9.Zone Protection Profile-Lab

Module 9: WildFire

1. WHAT IS Wildfire
2. WildFire Analysis Profile

Module 10: User-ID

1.User-ID-Theory
2.Captive Portal
3.LDAP Integration

Module 11: Decryption

Module 12: GlobalProtect

1.Remote-Access VPN GlobalProtect Theory and Lab.
2.GlobalProtect

Module 13: Site-to-SiteVPNs

1.VPN Concept
2.IPSec Protocols
3.VPN-Lab

Module 14: Monitoring and Reporting

1.Log Types
2.Syslog Server
3.NetFlow
4.SNMP
5.Packet-Capture
6.ACC Tab

Module 15: Active/Passive High Availability

1.WHAT IS High Availability
2.Active/Passive High Availability Lab

Module 16 : Next-Generation Security Practices

  • Introduction to checkpoint
  • GAiA Installation
  • Connecting security manager to Gateway
  • smart dashboard , policy and rules
  • NAT (network address translation )
  • Policy Management Database revision and backup
  • AD Integration
  • Identity Awareness and HTTPS Inspection
  • Application Awareness and Web filtering
  • Traffic monitoring
  • CLI , Basic Troubleshooting LAB
  • Site to Site IPSec VPN

DROP YOUR ENQUIRY