Securing Networks with Cisco Routers and Switches Remote Labs v1.0

This set of lab exercises (lab bundle) contains all exercises associated with the Securing Networks with Cisco Routers and Switches (SECURE) v1.0 course. The exercises address all aspects of security, from Layer 2 security to Layer 3 secure VPNs with IPsec and SSL. Lab exercises also cover application layer security with zone-based firewall. One lab exercise in the bundle covers IOS IPS as well.

Content

This set of lab exercises contains the following exercises:

Objectives

Upon finishing this set of exercises, you will be able to:
  • Verify DHCP spoofing vulnerability
  • Configure DHCP snooping
  • Configure dynamic and static ARP inspection
  • Configure IP Source Guard and PACLs
  • Configure PVLAN Edge
  • Configure zones
  • Configure access between the internal and external zones
  • Configure access between the internal and DMZ zones
  • Configure access between the external and DMZ zones
  • Configure inspection of local (self-zone) traffic
  • Configure and verify application-layer filtering on the Zone-Based Policy Firewall
  • Configure and verify URL filtering
  • Configure and verify user-based firewalling
  • Initialize Cisco IOS Software IPS
  • Configure an IPS policy
  • Tune an IPS policy using SEAP
  • Configure Cisco IME
  • Verify signature triggering and dropping actions
  • Verify IME IPS events
  • Configure a certificate server on a router
  • Enroll a router into a PKI
  • Configure a VTI-based point-to-point IPsec VPN tunnel
  • Configure basic EIGRP over the point-to-point IPsec VPN tunnel
  • Test and verify IKE peering between the routers
  • Verify routing protocol peering between the routers
  • Verify connectivity between sites
  • Verify and evaluate the preconfigured DMVPN hub configuration
  • Configure two DMVPN spokes
  • Configure EIGRP routing protocol support on DMVPN spokes
  • Verify spoke-to-hub tunnel establishment
  • Verify spoke-to-spoke tunnel establishment
  • Verify EIGRP adjacencies
  • Verify spoke-to-spoke connectivity
  • Verify and evaluate the preconfigured GET VPN key server configuration
  • Configure GET VPN group members with a fail-closed traffic policy
  • Configure IKE sessions between GET VPN group members and the key server
  • Register GET VPN group members to the key server
  • Test and verify GET VPN member configuration and registration
  • Provision a certificate to the SSL VPN gateway
  • Import the root CA certificate into the client certificate store
  • Configure a router as a full tunneling SSL VPN gateway
  • Install the Cisco AnyConnect client and establish a full tunneling SSL VPN
  • Configure a router as a clientless SSL VPN gateway
  • Configure basic Cisco Secure Desktop features for a clientless SSL VPN
  • Configure the Cisco Easy VPN server feature using VTIs and remote AAA
  • Install and configure the Cisco VPN Client and establish a remote access IPsec VPN tunnel
  • Configure a Cisco Easy VPN Remote device using VTIs

Importance

The lab exercises in this bundle are of utmost importance for all network engineers and designers involved in designing, implementing, and operating security solutions based on Cisco IOS security.

Target Audience

The primary audience for this set of lab exercises comprises network engineers and systems engineers responsible for deploying security solutions using Cisco routers and switches. All exercises are done using the CLI.

Prerequisite Knowledge

To successfully complete this set of lab exercises, you need a good knowledge of basic TCP/IP principles, as well as skills in configuring IOS security features and technologies. This knowledge is best gained by attending the Securing Networks with Cisco Routers and Switches (SECURE) v1.0 course.
