Deploying Security in Cisco ACI

Duration: 
5 days
Codes: 
UCSDACI,ACI

Overview

This course is focused on the knowledge and skills required to successfully deploy, configure, and maintain Cisco ACI security. Including how you implement a secure Cisco Application Centric Infrastructure (ACI) operation, and integrate security services with the Cisco ACI Fabric

A brief overview of the Cisco ACI architecture, including an examination of the Cisco Nexus 9000 Series Switches for data centers is incorporated. You will have the opportunity to discover how to implement security mechanisms in the operational infrastructure with the Cisco ACI environment. You also explore the process for provisioning security services in Cisco ACI, including external Cisco Adaptive Security Appliance (ASA), Adaptive Security Virtual Appliance (ASAv) instances, and Cisco Firepower capabilities. This course combines lecture materials and hands-on labs throughout to make sure you are able to successfully deploy, configure, and maintain Cisco ACI security.

Audience

Security-focused and traditional network and data center engineers tasked with security roles in a Cisco networking environment.

Skills Gained

After completing this course you should be able to understand:

  • Basic Cisco ACI architecture and operation
  • Tenant security
  • Security domains
  • Secure fabric operation
  • Authentication, authorization, and accounting (AAA) integration
  • Microsegmentation
  • L4 andL7 service graphs
  • Function profiles
  • External ASA device integration
  • ASAv appliance integration
  • Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS) integration

Prerequisites

Attendees should meet the following prerequisites:

  • Complete knowledge of Cisco networking
  • Data center and virtualization knowledge
  • Network and data center security skills

Course Outline

Basics of Cisco ACI

  • Cisco APIC Architecture and Operation
  • Cisco ACI Logical Elements

Security Built In to Cisco ACI

  • Inherent Cisco ACI Security Mechanisms
  • Securing the Cisco ACI Environment from Threats

Security Services in Cisco ACI

  • L4 and L7 Services Key Concepts
  • Security Appliances in Cisco ACI
  • Deploying Cisco ASA in Cisco ACI
  • Deploying Cisco ASAv in Cisco ACI
  • Deploying Cisco FirePOWER NGIPS in Cisco ACI

Labs

  • Lab 1: Exploring the Cisco ACI Fabric
  • Lab 2: Exploring the Cisco APIC
  • Lab 3: Configuring Cisco Secure Access Control System (ACS) Terminal Access Controller Access Control System+ (TACACS+) Integration
  • Lab 4: Configuring Cisco ACI L4 and L7 Service Insertion
  • Lab 5: Configuring a Firewall High-Availability Pair
  • Lab 6: Configuring and Inserting a Firewall High-Availability Pair in Routed Mode
  • Lab 7: Configuring and Inserting an ASAv in Transparent Mode
  • Lab 8: Configuring and Inserting a Virtual Cisco Firepower NGIPS in Inline Mode

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost effective option.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

Upcoming Dates

  • GREEN This class is Guaranteed To Run.
  • SPVC - Self-Paced Virtual Class.
  • Click a Date to Enroll.
Course Location Days Cost Date
Onsite
Onsite5 2500 £2500 2019-06-18