Course Details

Previous Page


Implementing Cisco Secure Mobility Solutions (SIMOS) 1.0 Expert Encore


Overview/Description
Target Audience
Expected Duration
Lesson Objectives
Course Number



Overview/Description
Implementing Cisco Secure Mobility Solutions (SIMOS) v1.0 is a newly created instructor-led training (vILT) course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. This course is designed to prepare network security engineers with the knowledge and skills they need to protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions. Students of this course will gain hands-on experience with configuring and troubleshooting remote access and site-to-site VPN solutions, using Cisco ASA adaptive security appliances and Cisco IOS routers.
Prerequisites
The knowledge and skills that a learner must have before attending this course are as follows:
Valid CCNA Security or CCSP Certification
Any CCIE Certification
Certification
CCNP Security
Exams
300-209 SIMOS
Included Labs
Configuring the Cisco ASA for Site-to-Site VPN
Disabling NAT for Testing
Verifying the Site-to-Site VPN
Implement Cisco IOS Static VTI Point-to-Point Tunnel
Verify Static VTI Point-to-Point Tunnel
Implement DMVPN
Configure DMVPN Spokes - Part 1
Configure DMVPN Spokes - Part 2
Configure OSPF Routing in DMVPN
Verify DMVPN Hub and Spoke Operation
Configure a DMVPN Spoke-to-Spoke Communication
Verify DMVPN Spoke-to-Spoke Communication
Implement Point-to-Point FlexVPN Using Smart Defaults and Minimal Configuration - Part 1
Implement Point-to-Point FlexVPN Using Smart Defaults and Minimal Configuration - Part 2
Implement Point-to-Point FlexVPN Using Smart Defaults and Minimal Configuration - Part 3
Implement Point-to-Point FlexVPN Using Smart Defaults and Minimal Configuration - Part 4
Modify Smart Defaults to Increase Protection Strength - Part 1
Modify Smart Defaults to Increase Protection Strength - Part 2
Implement Point-to-Point FlexVPN Without Smart Defaults - Part 1
Implement Point-to-Point FlexVPN Without Smart Defaults - Part 2
Implement Point-to-Point FlexVPN Without Smart Defaults - Part 3
Implement Point-to-Point FlexVPN Without Smart Defaults - Part 4
Prepare PKI - Part 1
Prepare PKI - Part 2
Prepare PKI - Part 3
Prepare PKI - Part 4
Configure One Side for Certificate-Based Authentication - Part 1
Configure One Side for Certificate-Based Authentication - Part 2
Configure Hub and Spoke for Virtual Access Connections - Part 1
Configure Hub and Spoke for Virtual Access Connections - Part 2
Configure Certificate-Based Authentication On Spoke - Part 1
Configure Certificate-Based Authentication On Spoke - Part 2
Configure Locally Managed Mode Config - Part 1
Configure Locally Managed Mode Config - Part 2
Add a Second FlexVPN Spoke - Part 1
Add a Second FlexVPN Spoke - Part 2
Add a Second FlexVPN Spoke - Part 3
Configure BGP
Configure Spoke-to-Spoke Shortcut Switching - Part 1
Configure Spoke-to-Spoke Shortcut Switching - Part 2
Configure Spoke-to-Spoke Shortcut Switching - Part 3
Outline
Implementing Cisco Secure Mobility Solutions
Module 1 Fundamentals of VPN Technologies and Cryptography
Describe the role of VPNs in network security
Describe cryptography solutions, algorithms, and protocols
Module 2 Deploying Secure Site-to-Site Connectivity Solutions
Describe Cisco secure site-to-site connectivity solutions
Deploy point-to-point IPsec VPNs on the Cisco ASA
Deploy Cisco IOS VTI-based point-to-point IPsec VPNs
Deploy Cisco IOS DMVPNs
Module 3 Deploying Cisco IOS Site-to-Site FlexVPN Solutions
Evaluate site-to-site VPN technologies
Describe the use of FlexVPN in point-to-point IPsec VPNs
Describe the hub-and-spoke connectivity scenario that can be implemented using the FlexVPN framework
Describe the spoke-to-spoke connectivity scenario that can be implemented using the FlexVPN framework
Module 4 Deploying Clientless SSL VPN
Describe clientless SSL VPN and provide a general description of the SSL/TLS protocol
Configure and verify baseline clientless SSL VPN remote access features of the Cisco ASA security appliance
Deploy and manage advanced application-access features of a clientless Cisco SSL VPN
Deploy and manage advanced authentication and authorization features of a clientless Cisco SSL VPN
Module 5 Deploying Cisco AnyConnect VPNs
Configure, verify, and troubleshoot a basic Cisco AnyConnect SSL VPN on a Cisco ASA security appliance
Configure, verify, and troubleshoot advanced features of Cisco AnyConnect SSL VPNs
Configure, verify, and troubleshoot advanced authentication and authorization in Cisco AnyConnect
VPNs
Configure, verify, and troubleshoot a Cisco AnyConnect IPsec/IKEv2 VPN on Cisco ASA security appliances
Module 6 Endpoint Security and Dynamic Access Policies
Implement Cisco HostScan for both clientless and full-tunnel SSL VPNs
Integrate DAP with Host Scan on the Cisco ASA security appliance


Target Audience
This course covers a variety of Virtual Private Network (VPN) solutions that Cisco has available on the Cisco ASA firewall and Cisco IOS software platforms. In addition, the proper implementation of highly secure remote communications through VPN technology, such as remote access SSL VPN and site-to-site VPN (DMVPN, FlexVPN) is covered. It is also perfect for students interested in pursuing their Cisco Certified Network Professional Security (CCNP Security) certification.

Expected Duration (hours)
32.0

Lesson Objectives

Implementing Cisco Secure Mobility Solutions (SIMOS) 1.0 Expert Encore

  • Describe the various VPN technologies and deployments as well as the cryptographic algorithms and protocols that provide VPN security.
  • Implement and maintain Cisco site-to-site VPN solutions.
  • Implement and maintain Cisco FlexVPN in point-to-point, hub-and-spoke, and spoke-to-spoke IPsec VPNs.
  • Implement and maintain Cisco clientless SSL VPNs.
  • Implement and maintain Cisco AnyConnect SSL and IPsec VPNs.
  • Implement and maintain endpoint security and dynamic access policies (DAP).
  • Course Number:
    LLCS0092