Hi gang. If you are a "tweener" like me as you are looking at this lab track, I thought you might like a list of the topics in the new blueprint that do not exist in the old. Also, notice that many topics that exist in both are being implemented on different equipment. For example, in the old you might do an SSL VPN on the concentrator, but now you would be limited to IOS or ASA.

Section II Cisco IOS Firewalls

B. Zone-Based Firewalls

Section III VPN

D. Group Encrypted Transport (GET) VPN
J. AnyConnect VPN

Section IV IPS

D. Virtual Sensors
E. Security Policies

Section V Identity Management

B. LDAP

Section VI Control Plane/Management Plan Security

A. Implement routing plane security features (protocol authentication, route filtering)
B. Configure Control Plane Policing
C. Configure CP protection and management protection
D. Configure broadcast control and switchport security
E. Configure additional CPU protection mechanisms (options drop, logging interval)
F. Disable unnecessary services
G. Control device access (Telnet, HTTP, SSH, Privilege levels)
H. Configure SNMP, Syslog, AAA, NTP
I. Configure service authentication (FTP, Telnet, HTTP, other)
J. Configure RADIUS and TACACS+ security protocols
K. Configure device management and security

Section VIII Network Attacks

B. Malicious IP Option Usage