Our new CCIE Security Version 4 Technology Labs and Solutions are now available in your members’ site account for customers who owned the previous CCIE Security Volume 1 or 2 workbooks. The labs are in the new HTML format like our Data Center material to ensure you always have the most up to date material along with allowing for advanced features (bookmarking, highlight tasks, etc). The full scale mock labs are in development now and are included with the Security workbook as we are doing away with the volume naming structure (Volume I, II, III, etc) and have gone to a single workbook.

Here is what is available in your members’ site account:

Section 1: System Hardening and Availability

  • Routing Protocol Authentication with RIPv2
  • Routing Protocol Authentication with OSPF
  • Routing Protocol Authentication with EIGRP
  • Routing Protocol Authentication with BGP4
  • Route Filtering with EIGRP
  • Route Filtering with OSPF
  • Route Filtering with RIPv2
  • Control Plane Policing
  • Control Plane Protection
  • Management Plane Protection
  • Disabling Unnecessary Services
  • Controlling Device Access
  • CPU Protection Mechanisms
  • Selective Packet Discard
  • Controlling Device Services
  • Transit Traffic Control with Flexible Packet Matching
  • Congestion Management
  • IOS File System Security
  • Network Telemetry Identification and Classification of Security Events
  • BGP TTL Security Hack
  • IPv6 Selective Packet Discard

  • Section 2: Threat Identification and Mitigation

  • Disabling DTP on All Non-Trunking Access Ports
  • Port Security on a Switch
  • Storm Control on a Switch
  • Port Blocking on a Switch
  • PVLAN (Private VLAN) on a Switch
  • Private VLAN (PVLAN) Configuration Propagation
  • Port ACL (PACL) on a Switch
  • MAC ACL on a Switch
  • VLAN ACL (VACL) on a Switch
  • Preventing STP Attacks Using BPDU Guard
  • Preventing STP Reconnaissance Attacks Using BPDU Filter
  • Preventing STP Attacks Using Root Guard
  • Preventing STP Loops Using Loop Guard
  • Preventing DHCP Spoofing Attacks Using DHCP Snooping
  • Preventing DHCP Spoofing Attacks Using DHCP Snooping with Port-Security
  • Preventing ARP Spoofing Using DAI (Dynamic ARP Inspection)
  • Configuring IP Source Guard
  • Preventing VLAN Hopping Attacks
  • Implementing RFC 1918 Anti-Spoofing Filtering
  • Implementing RFC 2827 Anti-Spoofing Filtering
  • Implementing RFC 3330 Anti-Spoofing Filtering
  • Enabling TCP Intercept on a Router
  • Enabling TCP Intercept Watch Mode on a Router
  • Enabling TCP Intercept on the Cisco ASA Security Appliance
  • FPM (Flexible Packet Matching) and Configuration of Nested Policy Maps
  • Classification Using NBAR
  • Understanding and Enabling NetFlow on a Router
  • Preventing an ICMP Attack Using ACLs
  • Preventing an ICMP Attack Using NBAR
  • Preventing an ICMP Attack Using Policing
  • Preventing an ICMP Attack Using MPF
  • Preventing a SYN Attack Using ACLs
  • Preventing a SYN Attack Using Policing
  • Preventing a SYN Attack Using CBAC
  • Preventing a SYN Attack Using CAR
  • Preventing Application Protocol–Specific Attacks Using MPF
  • Preventing IP Spoofing Attacks Using uRPF
  • Preventing Fragment Attacks Using ACLs
  • Section 3: Intrusion Prevention and Content Security

  • IPS Initial Setup
  • Configuring an Inline Interface Pair
  • Creating a Custom Signature
  • Event Counting
  • Inline Blocking
  • IPS VLAN Groups and Virtual Sensors
  • Promiscuous Mode
  • IPS Event Summarization
  • IPS Event Processing and Blocking
  • IPS Rate-Limiting
  • IPS Application Inspection and Control
  • IPS META Engine
  • IPS Anomaly Detection
  • Section 4: Identity Management

  • Initializing Cisco Secure ACS
  • Configuring AAA Clients
  • User and Local Identity Stores
  • ACS Active Directory Integration
  • Command Authorization
  • Installing ACS Certificates
  • 802.1x Authentication with Cisco ACS
  • VLAN Control
  • 802.1x VLAN Assignments
  • HTTP Authentication
  • ISE Initial Configuration
  • ISE Certificates and Admin Access
  • AD Integration
  • ISE and MAB
  • 802.1X With ISE and Windows 7
  • Wired Local Web Authentication with ISE
  • Wireless 802.1x with ISE
  • Section 5: Perimeter Security and Services – ASA Firewalls

  • VLANs and IP Addressing
  • RIPv2
  • OSPF
  • Advanced Routing
  • IP Access-Lists
  • Object Groups
  • Administrative Access
  • ICMP Traffic
  • URL Filtering
  • Dynamic NAT and PAT
  • Static NAT and PAT
  • Policy NAT and PAT
  • Static Policy NAT and PAT on ASA1
  • Static Identity NAT
  • Outside Dynamic NAT
  • DNS Doctoring Using “Alias”
  • DNS Doctoring Using “Static”
  • Fragmented Traffic
  • IDENT Issues
  • BGP across the Firewall
  • Stub Multicast Routing
  • PIM Multicast Routing
  • Network Time Protocol
  • System Logging
  • Filtering System Logs
  • SNMP Monitoring
  • DHCP Server
  • HTTP Traffic Inspection
  • FTP Traffic Inspection
  • SMTP Traffic Inspection
  • TCP Inspection
  • RADIUS Accounting for GPRS Traffic Inspection
  • ICMP Traffic Inspection
  • Threat Detection
  • Un-Stealthing the Firewall
  • Get Title
  • Low Latency Queuing
  • Traffic Shaping
  • Hierarchical Queuing
  • Transparent Firewall
  • ARP Inspection
  • Ethertype Access-Lists
  • Transparent Firewall NAT
  • Firewall Contexts
  • Firewall Contexts Routing
  • Firewall Contexts Classification
  • Resource Management
  • Active-Standby Failover
  • Active-Active Failover
  • ASA Redundant Interface and Etherchannel
  • ASA Enhanced Object Groups
  • Identity Firewall
  • Section 6: Perimeter Security and Services – IOS Firewalls

  • IOS Access-Lists
  • Dynamic ACLs
  • Reflexive ACLs
  • Context-Based Access Control
  • Port-to-Application Mapping (PAM)
  • IOS Firewall and Stateful Failover
  • IOS Firewall Performance Improvements
  • CBAC Connection Tuning and TCP Intercept
  • uRPF
  • Zone-Based Policy Firewall
  • Zone-Based Firewall HA
  • Simple Cisco IOS NAT
  • Note that additional labs for Section 6 (Perimeter Security and Services – IOS Firewalls) will be available by Tuesday along with Section 7 (Confidentiality and Secure Access).

    About Brian Dennis, CCIE #2210:

    Brian Dennis has been in the networking industry for more than 22 years, with a focus on Cisco networking for the past 16 years. Brian achieved his first CCIE in Routing & Switching in 1996, and is currently the only ten year CCIE that holds five CCIE certifications. Prior to working with INE, Brian taught and developed CCIE preparation courses for various well known training organizations. Brian not only brings his years of teaching experience to the classroom, but also years of real world enterprise and service provider experience.

    Find all posts by Brian Dennis, CCIE #2210 | Visit Website

    You can leave a response, or trackback from your own site.

    49 Responses to “CCIE Security Version 4 Technology Labs and Solutions – Now Available!”

    1. Bharath R says:

      Great Going people!!!!! Will I get this if I’ve purchased v3 security Ultimate Bundle???? What about the ATC for security V4???

    2. Ozone007 says:

      Finaly Most awaited WB is here :)

      thank you INE

    3. Muhammad Nasir says:

      great job when ATC V4 will be available for downloading any idea?

    4. Dennis Day says:

      How long before we have the V4 racks to go with the workbooks :)

    5. Tommy says:

      The new workbooks format look awesome and congrats for that.
      However i think the answers and solutions should be hidden on the first place with a “show solution” button. Or separated from the lab and tasks.

    6. Roy says:

      Awesome, I look forward to these. Just out of curiosity will there be any updates on the Videos?

      Currently the ATC and Security Lab Preparation Bootcamp Download are V3.5. Some of the videos still use the old SecV3 blueprint like ACS4 in the RADIUS, TACACS+, & Cisco Secure ACS Configuration video.

      By the way you guys are doing a great job and I see so many updates in other areas like Data Center and the likes, so I can tell how busy you are.

    7. Obinna says:


      When will the initial configs for the various tasks be added? Well done guys

    8. ozone007 says:

      its online content delivery system i m right ? bec i don’t have internet connection constantly so how can i get this workbook is their any way that i can use this workbook offline i am planning to purchase but if its online then this is no use for me :(

    9. jason taylor says:

      Hi, the new workbook looks great!!! Are the other CCIE tracks going use the same format in the future?

    10. Deepak Arora says:

      Are this workbooks printable/ Downloadable as PDF ?

    11. Carlos Figueroa says:

      Great news!

      I cannot see the initial configuration files.

      Thank you for your great effort.

    12. Ken says:


    13. Kevin John says:

      Excellent, bring it on!!

    14. Kamal says:

      Have you included IronPort Web Security Appliance (WSA)

    15. Steve Di Bias says:

      Thanks INE, I see the updated workbooks in my account! Any ETA on when the ATC/videos will be released?

    16. Sergio Moran says:

      I have seen that the Exam CCIE Security V4 includes the module about WSA (web security appliance). Will you add this module to the new material??

      And other question…I can see de new “CCIE Security Version 4 Technology Labs”. Is this all new material that you provide??

      The previous workbook includes more detailed information about the solutions guide, tips or consejor regarding configuration. This new material includes something??

    17. Craig F says:

      It reads well, clear and concise. Hopefully the labs will be back with us soon

    18. Sergio Moran says:

      What is about WSA?? This topic (WSA) is include in the exam CCIE Security V4. Will you add this module in the Woorkbook?

    19. Eduardo Fernandez says:

      when i buy this workbook will i have access to the full scale mock lab , or do i need to buy another workbook?

    20. Tim B says:

      So we cant view or read these workbooks offline? That’s kind of lame.

    21. Alberto says:

      Easily readable and browsable, great !

      a few minor tweaks could be done to the gui (i.e. it’d be good if the menu to the left doesn’t scroll up to the top every time we choose a topic, or having the topology available from the main page without re-clicking on the right column), but these are really small things.

      Thanks !

    22. meraj khalid says:

      when mork labs like the CCIE Security v3 workbook volume 2 will be released? and whats the status on pods? we still be able to do v3 labs on those pods? for practise?

    23. Vikas Kumar says:

      You should publish info about the sections which you are updating. Like if you add update to Section-1, you should publish this on blog or find another way so that users get informed about updates. Now it is very hard to find updates, we have to check each section.

    24. Michael Kiefer, CCIE# 34420 (R&S) says:

      I really like the new format! I’m looking forward to visiting with INE at Cisco Live this year.

    25. Brian says:

      where can i find the new workbooks, i see only the CCIE Security Lab Workbook Volume I/IIv3.5 and they are dated 2012-06-21.

    26. hassan says:

      I having rack tokens but still I need to purchase INE Bundles to start working on it Great Job INE

    27. Conesh says:

      What about the racks? Is there any eta on them?

    28. Tim says:

      Hey, what is the status on rack rental availability?

      Is most of the Tech labs workbook done or?

    29. Jason B says:

      In the Vol 1 Workbook for the v4 labs, the equipment lists mentions “Virtual Private Network (VPN) Module” under the ISR routers. What is that module?

    30. Sergio Moran says:

      When will be available the rack rentals to program lab sessions?

      Another question, I bought this year (February) “CCIE Security Lab Preparation Ultimate Bundle”. He noted that there will be new CCIE Security v4 Video Courses. Are the videos that I have now upgraded to these new videos? When?

      The CCIE Security Lab Preparation Ultimate Bundle was a CCIE Security Lab Workbook Volume II. Is there something similar in this new material, which handle most comprehensive scenarios?

    31. Jason B says:

      Any update on the v4 VODs or Volume 2 workbooks?


    Leave a Reply


    CCIE Bloggers