2. *
EvolutionoftheNetwork
Voice Transport
Telecommuting / VPN
Wireless
Web 2.0 Apps
Unified Communications
IP Video, TelePresence
Enhanced Security
Switching
Routing
Storage
Role of the Network Grows
Knowledge
Gap
Converged Solutions
 50% of Security is
secure routers.
 35% of Voice is
router-embedded.
 Wireless is 15%
and growing
annually.
3.12 M Gap by 2012
3. In all markets, especially emerging markets, training and
certification for specialized skills are in demand
•80% of surveyed companies worldwide expect dedicated
security role with 5 years (currently 46%)
•69% expect dedicated voice role (40%)
•66% expect dedicated wireless job role (36%)
*
4. Cisco Learning Partner COURSE:
Implementing Cisco Unified Wireless
Networking Essentials (IUWNE)
EXAM: IUWNE 640-721
CCNA Wireless
Cisco Learning Partner COURSE:
Implementing Cisco IOS Network
Security (IINS)
EXAM: IINS 640-453
CCNA Security
CCNA Concentrations: One Pre-Requisite
Three Pathways to Success…
Cisco Learning Partner COURSE:
Implementing Cisco IOS Unified
Communications (IIUC)
EXAM: IIUC 640-460
CCNA Voice
Requirements: Hold active CCNA Certification (640-802 CCNA comp exam or 640-
822 ICND1 and 640-816 ICND2 exams) and pass the corresponding CCNA
Concentration exams
5. *
* Verifies an individual’s skills in the
following roles:
*Network Security Specialists
*Security Administrators
*Network Security Support Engineers
* Enables installation, troubleshooting and
monitoring of Cisco Security
devices/technologies.
* Ability to administer security policies and
identify risks in networks
* Serves as prerequisite for CCSP
Certification
* Employers hiring individuals can feel
confident their staff has the skills needed
to install, troubleshoot and monitor Cisco
security technologies.
6. *
* In-depth network security education
* Comprehensive understanding of network security concepts
* Hands-on knowledge and skills, emphasizing practical experience
* For entry-level job roles in network security
* Installation, troubleshooting and monitoring of network devices to
maintain integrity, confidentiality and availability of data and devices
* Prepares students for CCNA Security certification (IINS 640-553 exam)
7. *
CCNA Security helps students:
* Gain an introduction to core security technologies
* Learn how to develop security policies and mitigate risks
* Acquire the skills needed to develop a security infrastructure
* Recognize vulnerabilities to networks
* Mitigate potential security threats
* Prepare for the CCNA Security certification exam
* Start or build a career in networking security
* Differentiate themselves in the market with specialized skills and
expertise to achieve success
8. *
SND
Cisco Certified Security
Professional (CCSP) Certification
(as originally designed)
CCNA
Certification
(SND is Moved to CCNA Security)
SNRS
SNPA
IPS
Elective Exam
SNAF
IPS
SNRS
CCSP Certification
(Revised in 2009)
Professional-level Associate-level
Elective Exam
IINS exam
(640-553)
CCNA Security Course
CCNA certification is a
pre-requisite for CCNA
Security certification
CCNA Security
Certification
9. *
* Career starters seeking career-oriented, entry-level security
specialist skills
* Working IT professionals looking to expand their core routing and
switching skills to change or enhance their career
* Students in technical degree programs at institutions of higher
education (colleges, universities, technical schools)
10. *
* Describe the security threats facing modern network infrastructures
* Secure Cisco routers
* Implement AAA on Cisco routers using local router database and external ACS
* Mitigate threats to Cisco routers and networks using ACLs
* Implement secure network management and reporting
* Mitigate common Layer 2 attacks
* Implement the Cisco IOS firewall feature set using SDM
* Implement the Cisco IOS IPS feature set using SDM
* Implement site-to-site VPNs on Cisco Routers using SDM
11. *
*Describe and list
mitigation methods for
common network attacks
*Describe and list
mitigation methods for
Worm, Virus, and Trojan
Horse attacks
*Describe the Cisco Self
Defending Network
architecture
12. *
*Secure Cisco routers using the SDM
Security Audit feature
*Use the One-Step Lockdown feature in
SDM to secure a Cisco router
*Secure administrative access to Cisco
routers by setting strong encrypted
passwords, exec timeout, login failure
rate and using IOS login enhancements
*Secure administrative access to Cisco
routers by configuring multiple
privilege levels
*Secure administrative access to Cisco
routers by configuring role based CLI
*Secure the Cisco IOS image and
configuration file
No, too simple….
13. *
*Explain the functions and
importance of AAA
*Describe the features of
TACACS+ and RADIUS AAA
protocols
*Configure AAA authentication
*Configure AAA authorization
*Configure AAA accounting
14. *
*Explain the functionality of
standard, extended, and
named IP ACLs used by
routers to filter packets
*Configure and verify IP ACLs
to mitigate given threats
(filter IP traffic destined for
Telnet, SNMP, and DDoS
attacks) in a network using
CLI
*Configure IP ACLs to prevent
IP address spoofing using CLI
*Discuss the caveats to be
considered when building
ACLs
15. *
*Use CLI and SDM to configure
SSH on Cisco routers to enable
secured management access
*Use CLI and SDM to configure
Cisco routers to send Syslog
messages to a Syslog server
17. *
*Describe the
operational strengths
and weaknesses of the
different firewall
technologies
*Explain stateful firewall
operations and the
function of the state
table
*Implement Zone Based
Firewall using SDM
18. *
*Define network based vs. host
based intrusion detection and
prevention
*Explain IPS technologies,
attack responses, and
monitoring options
*Enable and verify Cisco IOS IPS
operations using SDM
19. *
*Explain the different
methods used in
cryptography
*Explain IKE protocol
functionality and phases
*Describe the building blocks
of IPSec and the security
functions it provides
*Configure and verify an
IPSec site-to-site VPN with
pre-shared key
authentication using SDM