Posts from ‘CCIE Security’
CCIE Security Version 4.0 adds new software version updates, as well as introduces new hardware platforms to the exam, such as ISE and WSA. The hardware used in our new course is available through our CCIE Security Rack Rentals. The playlist for the new CCIE SCv4 ATC is as follows. A few minor topics are still in video post-processing and will be posted shortly.
- Recommended Study Resources
- ASA Firewall Overview
- ASA Basic Initialization
- ASA IP Routing
- ASA ACLs
- ASA High Availability Overview
- ASA Active/Standby Failover
- ASA Multiple Context Mode Overview
- ASA Multiple Context Mode Configuration
- ASA Active/Active Failover
- ASA Transparent Firewall
- ASA Transparent Firewall & ARP Filtering
- ASA Transparent Failover
- ASA Modular Policy Framework (MPF) Overview
- ASA Modular Policy Framework (MPF) Configuration
- ASA Advanced TCP Inspection with MPF
- ASA Advanced Application Inspection with MPF
- ASA Quality of Service (QoS)
- ASA Network Address Translation (NAT) Part 1
- ASA Network Address Translation (NAT) Part 2
- ASA Redundant Interfaces
- Standard, Extended, Time Based, & Dynamic ACLs
- Reflexive ACLs
- TCP Intercept
- Content Based Access Control (CBAC)
- CBAC High Availability
- Zone Based Firewall (ZBPF) Overview
- ZBPF Configuration
- Port to Application Mapping (PAM)
- ZBPF Parameter Tuning
- ZBPF Application Inspection
- IOS Transparent Firewall
- ZBPF Transparent Firewall
- IPsec VPN Overview
- IOS LAN-to-LAN IPsec Configuration
- IPsec Verification & Troubleshooting
- ASA LAN-to-LAN IPsec Configuration
- IOS & ASA PKI Overview
- IPsec & PKI Certificates
- GRE over IPsec Tunnels
- IPSec Profiles & Virtual Tunnel Interfaces (VTIs)
- Easy VPN Overview
- IOS Easy VPN Server
- IOS Easy VPN Client
- IOS Easy VPN with Dynamic VTIs, ISAKMP Profiles
- ASA Easy VPN Server
- ASA Easy VPN Server & IOS Easy VPN Client
- ASA Clientless & AnyConnect SSL VPN
- IPS Overview, Promiscuous Mode & SPAN
- IPS Promiscuous Mode & RSPAN
- IPS Blocking Devices & Custom Signatures
- IPS Inline Mode, VLAN Pairing
- IPS Virtual Sensors and Signature Engines
- WSA Overview & Initial Setup
- WSA Management, Identities, & Access Policies
- WSA HTTP Session Processing
- WSA Transparent Mode & WCCP L2 Mode
- WSA Transparent Mode & WCCP GRE Mode
- WSA HTTPS Decryption Policies
- AAA Overview, Local AAA, & Role Based CLI
- IOS AAA with ACS
- ASA AAA with ACS
- ACS IOS Auth-Proxy Authentication
- ACS IOS Auth-Proxy Authorization
- ACS ASA Cut-Through Proxy
- ISE Overview
- 802.1x, MAB, & EAP Overview
- ISE MAB Authentication
- ISE 802.1x & MAB Authorization
- ISE 802.1x Authentication
- ISE MACsec
- ISE Central Web Authentication
- ISE Profiling
Tomorrow, December 6th 2013, at 10:00 PST (GMT 18:00) I will be running a free live online session on Introduction to DMVPN for CCIE R&S v5 Candidates. You can sign-up for this seminar here. Additionally the link to attend is available at the top of the dashboard when you login to the INE Members Site.
This session is the first of many to help candidates transition from the current CCIE R&S v4 Blueprint to the recently announced CCIE R&S v5 Blueprint that goes live on June 4th 2014. We will continue to run additional sessions in the future on new topics that have been added to the CCIE R&S v5 Blueprint, such as IPv6 First Hop Security, IPsec LAN-to-LAN tunnels, GET VPN, IGP Convergence & Scalability, and BGP Convergence & Scalability, just to name a few. These sessions are not only applicable to CCIE R&S v5 candidates, but also to those pursuing the CCNA, CCNP, or CCIE Security tracks, as well as for everyday engineers looking to apply these technologies in their production environments.
Tomorrow’s session will focus on the theory of what Dynamic Multipoint VPN (DMVPN) is, what problems it was designed to solve, and where it fits in the overall network design as compared to other technologies such as MPLS Virtual Private LAN Service (VPLS) or MPLS Layer 3 VPNs. The session will also include live implementation examples of DMVPN on the Cisco IOS CLI. Expect this session to run somewhere around 2 – 3 hours in length.
I hope to see you there!
INE’s new CCIE Security V4 Advanced Technologies Class continues this week, with a focus on ASA Firewall. This week’s classes will run Wednesday Oct 9th – Friday Oct 11th at 10:00 PDT (17:00 GMT) daily, with class days running typically about 4 hours each.
Anyone with an active All Access Pass subscription or that has previously purchased the download version of the SCv3 ATC can attend the live sessions. The link to join class can be found at the top of the Members Site dashboard, or direct at http://ine.co/scv4.
Specifically this week’s classes will focus on the following topics:
- Security Levels
- Access Lists before and after 8.3
- Routed vs. Transparent Firewall
- Single vs. Multi Context Mode
- Active/Standby vs. Active/Active Failover Mode
- ASA Routing
- NAT before and after 8.3
- ASA Modular Policy Framework and Application Inspection
Yesterday marked the kickoff of the new CCIE Security v4 Advanced Technologies Class. In our first session we discussed the scope of the new CCIE Security Version 4.0 blueprint, recommended readings (which can be found at the bottom of this post), the new format of class, and technical topics that included stateless traffic filters on IOS with standard ACLs, extended ACLs, time-based ACLs, and dynamic ACLs.
Going forward the SCv4 ATC will be delivered over the next 4 – 6 weeks as shorter, more spread out class days, typically of about 4 hours apiece. The specific class schedule will be posted here on the blog at least a week in advance so you can plan which sessions you want to attend live. Anyone with an active All Access Pass subscription or that has previously purchased the download version of the SCv3 ATC can attend the live sessions. The link to join class can be found at the top of the Members Site dashboard, or direct at http://ine.co/scv4. In the short-term the next upcoming class sessions are as follows:
- 2013-09-26 10:00 PDT (17:00 GMT) – Reflexive ACLs, CBAC, & ZBPF
- 2013-09-30 10:00 PDT (17:00 GMT) – Advanced ZBPF
A longer-term schedule will be posted after the weekend. In general, the class flow will follow the below outline. If you have specific topics requests for class please feel free to post a comment below and I will take it into account.
Starting tomorrow, September 24th 2013 at 10:00 PDT (17:00 GMT), I will begin the running the new CCIE Security Advanced Technologies Class for the newest version 4.0 blueprint. Online streaming of tomorrow’s class is free for anyone to attend. Simply login to http://members.ine.com and then browse to the streaming url of http://ine.co/scv4. A link to the streaming page is also located in the members dashboard.
Tomorrow’s class will start with an introduction about the scope of the CCIE Security v4 blueprint, including the hardware and software versions, as well as the specific technologies within the scope, and then will continue with the technical topics of IOS Firewall, including stateless ACL filtering and stateful filtering with both CBAC and ZBPF.
The format of this class will be a little different than previous iterations of ATCs for Security, R&S, SP, etc. Instead of running a 5-day class with 8 – 10 hours per day, the class will be spread out over the next 4 – 6 weeks in smaller increments. This will allow you to plan your study schedule more accordingly, and ideally not have to take a full week or more of vacation time or PTO in order to attend the sessions. More details of the specific class schedule will be discussed during the class intro tomorrow.
Beyond tomorrow’s class, anyone with a currently active All Access Pass subscription or that has previously purchased the CCIE Security ATC Download will be able to attend the live streaming sessions. Streaming and download versions of the class recordings will be available sometime around November, but more updates will be posted as the live class progresses.
I hope to see you in class tomorrow!
The SCv4 rack scheduler has been updated to account for additional SCv4 racks. These new racks will be available for rental after the SCv4 CCIE Bootcamp in Chicago but you can of course schedule them now in your members site account.
Lastly as I stated previously the pricing is still the old pricing of 10 tokens for 2.5 hours.
The scheduler for the CCIE SCv4 racks is now live. This means you can schedule your sessions for our new SCv4 racks through our members site. Additionally the feedback we received from the beta testers was overwhelmingly positive in regards to our new virtual machine management interface along with the fact we included ALL of the hardware and software from the CCIE SCv4 lab blueprint which is unmatched.
Lastly as I stated previously the pricing will remain for now the old SCv3 rack price of 10 tokens per session.
UPDATE – Tomorrow afternoon (July 3rd) the rack scheduler will be updated to include 8 additional SCv4 racks.
We’re moving the SCv4 racks to beta this weekend and through next week. If you would like to try out the racks free of charge, send an email to me directly (bdennis @ ine.com) and I’ll see about getting you accommodated. I’ll reply to the emails I receive by tomorrow late afternoon (EST).
Additionally I’m going to have added to everyone’s members site account who purchased the SCv4 workbook, SCv4 Workbook Bundle or SCv3 workbook the after October 2012 enough tokens for ten sessions on the new SCv4 racks. These will appear next week in your account. Also I’ll keep the SCv4 racks priced at the old SC rack pricing of 10 tokens for the next few months.
Lastly many of you have asked about adding the primer videos to the SCv4 Ultimate Bundle which I’ve done. If you purchased an SCv4 Ultimate Bundle you should see the primer videos in your account and if not just hop on chat with Sales or email them and they’ll get it added.
Good luck with your preparation!
A few weeks back I posted about the top contributors for IEOC in May receiving prizes (iPads, Mac Air, etc) from INE. Below are the top contributors for IEOC in their respective categories along with the overall top contributor and the one additional contributor that I’ll give an iPad or Galaxy Tablet to for helping with workbook support.
Top Overall IEOC Contributor:
Additional Top Contributor in regards to the workbooks in general:
We’ll do the same prizes for June that we did for May so don’t miss out!
Edit: The INE party will be at the Hard Rock *Hotel*, not the Hard Rock *Cafe*.
I would like to thank the over 600 people who RSVP’d for INE’s 2013 Party at the Hard Rock Hotel in Orlando during Cisco Live. Registration is closed as of today for our party but I wanted to be the first to let everyone know about the grand prize giveaway we are doing. On top of the standard giveaway prizes (iPads, MacBook Airs, AAP Memberships, Bootcamps, etc) we are giving away a Harley Davidson 2013 XL 1200X Forty-Eight to a lucky winner during our party.
On top of the Harley Davidson 2013 XL 1200X Forty-Eight we’re having a second grand prize giveaway. Details on the second grand prize giveaway will be revealed after the drawing for the winner of the Harley Davidson at the party.
As a side note I don’t personally ride anymore but that bike really does look cool when it’s all blacked out.