Content
Securing Cisco Network Devices v2.0
This set of lab exercises contains all the exercises associated with the Securing Cisco Network Devices (SND) course. The lab exercises are based on the fact that you are familiar with the underlying technology aspects and they allow you to primarily focus on the configuration aspects of Cisco security technologies. These task-oriented lab exercises allow you to aquire the skills needed to secure networks using Cisco IOS routers. The exercises cover the discovery of network vulnerabilities and threats followed by the methods for securing the access to the Cisco router and configuration of the security features. The last exercise in the set enables you to secure the data transfer across non-trusted networks using IPsec VPNs.
Content
This set of lab exercises contains the following exercises:
- Securing Administrative Access to Cisco Routers
- Configuring AAA for Cisco Routers
- Using Cisco SDM Security Audit
- Configuring a Cisco IOS Firewall
- Configuring Cisco IOS IPS
- Configuring Site-to-Site IPsec VPNs
- Configuring a Remote-Access VPN Client
Objectives
Upon finishing this set of exercises, you will be able to:
Scan a host using various reconnaissance tools and use Ethereal to analyze network traffic
- Configure and Cisco IOS password security features
- Configure and verify local database authentication using AAA
- Configure the IOS router and Cisco Secure ACS database for authentication
- Harden the Cisco IOS router by disabling services, configuring access lists and using the AutoSecure feature
- Use SDM to configure the Cisco router for inbound and outbound access
- Set up and test a Remote Access IPsec VPN between the Cisco VPN client and the Cisco router with pre-shared key authentication
Importance
This set of lab exercises is highly recommended for all students deploying Cisco security devices in an enterprise environment, as well as using them for access control and/or building remote access or site-to-site VPNs.
Target Audience
The lab exercises are targeted at pre- and post-sales technical support engineers who have to design and implement networks based on Cisco IOS routers, and want to use various provisioning methods, including CLI, and device managers.
Prerequisite Knowledge
To successfully complete this set of exercises, you need to be familiar with generic IP routing and traffic filtering, and understand the basic concepts of network security. You should have practical experience with Cisco network devices, as well as basic knowledge of Windows operating systems. The knowledge is best gained by attending the Interconnecting Cisco Network Devices (ICND) and Securing Cisco Network Devices (SND) courses.