Download CCNA Security Overview

Updated February 2012
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
1
Overview
1
Course Design
2
Instructor Training
3
Where to Find More Information
4
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
2
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
3
CCNA Security helps students:
• Understand core security concepts and how to
develop and implement security policies to
mitigate risks
• Acquire skills needed configure, monitor, and
troubleshoot network security using actual
equipment and simulation tools
• Prepare for CCNA Security certification exam
• Start or build a career in network security
• Differentiate themselves in the market with
specialized skills and expertise to achieve
success
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
4
Subtitle: Size 24, Left Aligned
Upon completion of the course, students will be able to:
•
•
•
•
•
Describe the security threats facing modern network infrastructures
Secure network device access
Implement AAA on network devices
Mitigate threats to networks using ACLs
Implement secure network management and reporting
•
•
•
•
Mitigate common Layer 2 attacks
Implement the Cisco IOS firewall feature set
Implement an ASA
Implement the Cisco IOS IPS feature set
• Implement site-to-site IPSec VPNs
• Administer effective security policies
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
5
• Aligns with updated CCNA Security (IINS) Certification Exam (640-
554)
• Cisco ASA content added in a new chapter (Ch. 10) including four
ASA labs
• Cisco Configuration Professional (CCP) replaced Security Device
Manager (SDM) throughout the course content and labs
• Expanded scope of existing content, including the following:
• Info on mitigating SNMP threats
• Discussion on IPv6 ACLs and object groups
• Content on IPS Global Correlation and Security Intelligence Operation (SIO)
• Info on Bridge Protocol Data Unit (BPDU) filtering
• Info on Cisco protected port feature (PVLAN Edge)
• Content on Cisco SecureX security architecture
• Info on the Secure Copy (SCP) command
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
6
End-of-Life Milestones for CCNA Security v1.0
End-of-Life
Announcement
Last Class
Start Date
Last Class
End date
End-of-Support and
End-of-Availability
8-MAR-2012
31-May-2012
31-Aug-2012
31-Aug-2012
Cisco IINS Certification Exam Availability
Course
Exam Name
Exam Number
Availability
CCNA Security v1.0
IINS
640-553
Available through September 30, 2012
CCNA Security v1.1
IINS
640-554
From February 28, 2012
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
7
Who Should Enroll?
• College and university-level students seeking career-oriented,
entry-level security specialist skills
• IT professionals wishing to broaden or add specialized skills to
their technology expertise
• Current CCNA Certification holders who wish to continue to build
on their CCNA knowledge base
• Prerequisites: CCNA-level networking concepts and skills
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
8
ROUTE:
Implementing
IP Routing
SWITCH:
Implementing IP
Switched Networks
Networking for
Home and Small
Businesses
Working at a
Small-to-Medium
Business
or ISP
Network
Professional
Introducing Routing
and Switching in the
Enterprise
Designing and
Supporting
Computer Networks
Network
Specialist
Network
Associate
Network
Technician
IT Essentials:
PC Hardware
and Software
TSHOOT:
Troubleshooting
and Maintaining IP
Networks
Network
Fundamentals
Routing Protocols
and Concepts
LAN Switching
and Wireless
CCNA
Security
CCNP
Accessing the
WAN
CCNA
Security
CCNA
Discovery
CCNA
Exploration
IT
Essentials
IT Technician
PACKET TRACER
Student Networking Knowledge and Skills
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
9
Courses Align with Globally Recognized Certifications
CompTIA
A+
CCNA
CCENT
CCNA
CCNA
Security
CCNP
IT
Essentials
CCNA
Discovery
CCNA
Exploration
CCNA
Security
CCNP
Student Networking Knowledge and Skills
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
10
Certification
Name
Years of
Experience
Job Role
Number
of Exams
CCNA Security
1–3
Network Security Specialist,
Security Administrator,
Network Security Support
Engineer
1
CCNP Security
3–5
Network Security Engineer
4
CCIE Security
7+
Network Security Engineer
2
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
11
Meets Growing Demand
• Verifies an individual’s skills in the following roles:
Network Security Specialists
Security Administrators
Network Security Support Engineers
• Enables installation, troubleshooting and
monitoring of Cisco Security devices/technologies
• Ability to develop security policies and mitigate risk
in networks
• Serves as prerequisite for CCNP Security
Certification
• Employers hiring individuals can feel confident their
staff has the skills needed to install, troubleshoot
and monitor Cisco security technologies
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
12
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
13
• Same Graphical User Interface (GUI) as the CCNA Discovery and CCNA
Exploration curricula
• 10 chapters and chapter exams
• 10 Packet Tracer activities
• 16 hands-on labs
• One Packet Tracer Practice skills-based assessment
• One final exam and one skills-based assessment
• Balance of theory, hands-on practice, and application
• Available in English only, no translated versions are planned
• Enabled for both in-person and blended learning environments
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
14
Equipment Requirements
 Leverages CCNA Discovery/CCNA Exploration equipment bundle and topology and is
identical to the v1.0 equipment list with the addition of a Cisco ASA (Model 5505).
 NDG NetLab-compatible topology—enabled for remote operation
 The Advanced IP Service feature set (ISR G1) and the Security Technology Package
(SEC) license required are available for academies that are part of Networking Academy
Maintenance
Minimum System Requirements
Curriculum requirements:
1 Student PC per student
1 local curriculum server
Lab bundle requirements for CCNA Security:
3 Cisco routers, 2 with the Security Technology Package
3 Two-Port Serial WAN Interface Cards
3 Cisco switches
1 Cisco Adaptive Security Appliance (ASA)
Assorted Ethernet and Serial cables and hubs
Detailed equipment information is available in the Instructor
version of the Lab Manual and in the official CCNA Security
Equipment List on in the Equipment Information section on
Academy Connection.
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
15
Course Chapters and Goals
Ch. 1
Modern Network Security Threats
Ch. 2
Securing Network Devices
Ch. 3
Authentication, Authorization and Accounting
Ch. 4
Implementing Firewall Technologies
Ch. 5
Implementing Intrusion Prevention
Ch. 6
Securing the Local Area Network
Ch. 7
Cryptographic Systems
Ch. 8
Implementing Virtual Private Networks
Ch. 9
Managing A Secure Network
Ch. 10
Implementing the Cisco Adaptive Security Appliance (ASA)
Goal: Explain network threats, mitigation techniques, and the basics of securing a network.
Goal: Securing administrative access on Cisco routers.
Goal: Securing administrative access with AAA.
Goal: Implement firewall technologies to secure the network perimeter.
Goal: Configure IPS to mitigate attacks on the network.
Goal: Describe LAN security considerations and implement endpoint and Layer 2 security features.
Goal: Describe methods for implementing data confidentiality and integrity.
Goal: Implement secure virtual private networks.
Goal: Given the security needs of an enterprise, create and implement a comprehensive security policy.
Goal: Implement firewall technologies using the ASA to security the network perimeter.
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
16
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
17
• All instructors should have CCNA-level
networking knowledge and skills
• New CCNA Security instructors
• Instructor training required
• Fast track possible with evidence of CCNA
Security or higher certification or industry
experience
• Instructor training format and materials
• Delivered by CCNA Security Training
Centers or Instructor Training Centers
(ITCs)
• 40 hours training—in-person, blended (3day in-person), or remote delivery formats
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
18
• Instructor training is delivered by authorized CCNA Security
Training Centers
• Open model—instructors can participate in instructor training from
any training center in their region
• Complete global list of authorized CCNA Security Training Centers
available on CCNA Security Course Catalog page on Academy
Connection
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
19
Academy
wants to offer
CCNA Security
Has
Instructor
passed
CCNA Security
Training?
No
Register for a CCNA Security
instructor training class with a
CCNA Security Training Center
or Instructor Training Center
(ITC) in your region
Yes
Academies who have completed their Academy Evolution migration
should contact the Networking Academy Global Support Desk to
request the addition of the CCNA Security curriculum to their academy.
If your academy has not yet completed migration ,your CCNA Security
Training Center will be able to add the curriculum for you.
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
20
Academy Connection System Prerequisites
Students
No Academy Connection Prerequisites
Prerequisites for  Students must have:
• CCNA-level networking knowledge and skills
Student
• Basic PC and internet navigation skills
Enrollment
 Students encouraged to complete CCNA
Discovery or CCNA Exploration curricula
Instructors
Prerequisites to
Teach Student
Classes
CCNA Security AND Orientation
OR
CCNA Security Instructor Fast Track
AND Orientation
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
21
• Latest documents are posted on CCNA Security Course Catalog
page on Academy Connection
CCNA Security Scope and Sequence
CCNA Security FAQs
CCNA Security Datasheet
CCNA Security At A Glance
CCNA Security Overview Presentation
• The CCNA Security v1.1 Instructor learning opportunity located @
http://lms.netacad.net/index.php
• Certification information
CCNA Concentrations Q&A
CCNA Security certification
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
© 2011 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
22
Thank you.