Another new update is now available for the CCIE Security Advanced Technologies Class. This update adds an additional 15 hours of videos to the series, which includes the rest of IPsec, IPS, and AAA. All Access Pass subscribers and customers who purchased download access can login to the INE members site to see the new additions.  This brings the series up to about 40 hours of videos, which will be further increased with some minor updates I'll be adding over the next few weeks. If there is a specific topic which is missing that you'd like to see feel free to comment here, or email me at bmcgahan@ine.com.

The outline for the series is now as follows:

  • Introduction - 0h 37m
  • CCIE Security Preparation Resources - 0h 50m
  • ASA Overview - 0h 37m
  • Basic ASA Initialization - 1h 02m
  • ASA Routing - 0h 37m
  • ASA Reliable Static Routing - 0h 20m
  • ASA Access Control Lists (ACLs) - 0h 41m

INE is proud to announce the upcoming release of the following new additions to our All Access Pass Video-on-Demand library:


For Part 2 of this series, click here.

The following questions will be added to the Core Knowledge Simulation engine.   Answers will be provided in the comments section.

Implement Identity Management

Refer to the diagram.   The software running on the PC performs what role?


Beginning in October 2009, students will be required to demonstrate mastery of the Cisco IOS Intrusion Prevention System (IPS) for the CCIE R/S track. This blog post introduces candidates to this relatively new security feature. Note this series of blog posts will focus on Tier 1 knowledge. This information allows mastery for the Core Knowledge section and builds a foundation for later mastery at the Command Line Interface.

Intrusion Prevention replaces mere Intrusion Detection from previous IOS versions. IDS for the IOS was certainly nice (you get alerted when a security attack is occurring), but obviously, stopping an attack is much more powerful.


I.    Device Manager

a.    Intro

i.    IDM lives on the sensor and gives you a GUI option for managing the device
ii.    TLS/SSL

1.    used to secure communications



a. Overview

i. Accessing

1. SSH

2. Serial interface (console)

3. Telnet (disabled by default)


Here is a portion of some notes that I came across for IPS - instead of wasting away on my hard drive, I figured I would post in case some of you might enjoy. I will post more sections if I receive no hate mail :-)

I. IPS Overview

a. Detection versus Protection

i. Detect can do just that - detect

ii. Prevention systems can detect and prevent - risks include latency, false positives, and the risk of the device being overrun


This is obviously a very short list. Remember, we recommend use of the Cisco Intrusion Prevention System Device Manager (IDM) for management and configuration of the device during the lab exam. While this graphical user interface (GUI) will be used for most tasks, there are still some useful and quick command line verification tasks for you here.

Subscribe to INE Blog Updates

New Blog Posts!