Cisco Certified Network Professional Security » Khóa Học CCNP Security SVPN (300-730) - IMPLEMENTING SECURE SOLUTIONS WITH VIRTUAL PRIVATE NETWORKS

Thời gian khóa học: 72 giờ
Điều kiện tiên quyết:

Hoàn thành chương trình học khóa học Implementing and Operating Cisco Security Core Technologies (SCOR - 350-701) hoặc tương đương.

Giới thiệu
Nội dung khóa học
Lịch trình học

Khóa học Implementing Secure Solutions with Virtual Private Networks – SVPN (300-730) là 1 trong 6 course tự chọn của chương trình CCNP Security. Khóa học SVPN (300-730) được thiết kế nhằm trang bị cho học viên các kiến thức và kĩ năng xây dựng các giải pháp bảo vệ các giao dịch dữ liệu trên môi trường chia sẻ như Internet bằng mạng riêng ảo (Virtual Private Networks – VPN).

Qua Khóa học SVPN (300-730) này học viên có thể cấu hình và xử lý sự cố các giải pháp Cisco VPN trên các dòng thiết bị Cisco IOS, Cisco ASA.

Nội dung chính trong khóa học:

  • Hiểu được các công nghệ VPN, cách thức triển khai cũng như lựa chọn các giải thuật mã hóa dùng để bảo vệ an toàn dữ liệu.
  • Triển khai và vận hành các giải pháp:
  • Cisco VPN site-to-site
  • Cisco FlexVPN in point-to-point, hub-and-spoke và spoke-to-spoke IPsec VPNs.
  • Cisco clientless SSL VPN
  • Cisco AnyConnect SSL and IPsec VPNs.
  • Endpointsecurity và dynamic access policies (DAP).

SITE-TO-SITE VIRTUAL PRIVATE NETWORKS ON ROUTERS AND FIREWALLS

-       Describe GETVPN

-       Implement DMVPN (hub-and-spoke and spoke-to-spoke on both IPv4 & IPv6)

-       Implement FlexVPN (hub-and-spoke on both IPv4 & IPv6) using local AAA.

REMOTE ACCESS VPNS

-       Implement AnyConnect IKEv2 VPNs on ASA and routers

-       Implement AnyConnect SSLVPN on ASA and routers

-       Implement Clientless SSLVPN on ASA and routers

-       Implement Flex VPN on routers.

TROUBLESHOOTING USING ASDM AND CLI

-       Troubleshoot IPsec

-       Troubleshoot DMVPN

-       Troubleshoot FlexVPN

-       Troubleshoot AnyConnect IKEv2 and SSL VPNs on ASA and routers

-       Troubleshoot Clientless SSLVPN on ASA and routers.

SECURE COMMUNICATIONS ARCHITECTURES

-       Identify functional components of GETVPN, FlexVPN, DMVPN, and IPsec for site-to-site VPN solutions

-       Identify functional components of FlexVPN, IPsec, and Clientless SSL for remote access VPN solutions

-       Identify VPN technology based on configuration output for site-to-site VPN solutions

-       Identify VPN technology based on configuration output for remote access VPN solutions

-       Identify split tunneling requirements for remote access VPN solutions

-       Design site-to-site VPN solutions

ü  VPN technology considerations based on functional requirements

ü  High availability considerations

-       Design remote access VPN solutions

ü  VPN technology considerations based on functional requirements

ü  High availability considerations

ü  Clientless SSL browser and client considerations and requirements

-       Identify Elliptic Curve Cryptography (ECC) algorithms.

NỘI DUNG KHÓA HỌC

SITE-TO-SITE VIRTUAL PRIVATE NETWORKS ON ROUTERS AND FIREWALLS

-       Describe GETVPN

-       Implement DMVPN (hub-and-spoke and spoke-to-spoke on both IPv4 & IPv6)

-       Implement FlexVPN (hub-and-spoke on both IPv4 & IPv6) using local AAA.

REMOTE ACCESS VPNS

-       Implement AnyConnect IKEv2 VPNs on ASA and routers

-       Implement AnyConnect SSLVPN on ASA and routers

-       Implement Clientless SSLVPN on ASA and routers

-       Implement Flex VPN on routers.

TROUBLESHOOTING USING ASDM AND CLI

-       Troubleshoot IPsec

-       Troubleshoot DMVPN

-       Troubleshoot FlexVPN

-       Troubleshoot AnyConnect IKEv2 and SSL VPNs on ASA and routers

-       Troubleshoot Clientless SSLVPN on ASA and routers.

SECURE COMMUNICATIONS ARCHITECTURES

-       Identify functional components of GETVPN, FlexVPN, DMVPN, and IPsec for site-to-site VPN solutions

-       Identify functional components of FlexVPN, IPsec, and Clientless SSL for remote access VPN solutions

-       Identify VPN technology based on configuration output for site-to-site VPN solutions

-       Identify VPN technology based on configuration output for remote access VPN solutions

-       Identify split tunneling requirements for remote access VPN solutions

-       Design site-to-site VPN solutions

ü  VPN technology considerations based on functional requirements

ü  High availability considerations

-       Design remote access VPN solutions

ü  VPN technology considerations based on functional requirements

ü  High availability considerations

ü  Clientless SSL browser and client considerations and requirements

-       Identify Elliptic Curve Cryptography (ECC) algorithms.