CCIE Security Certification and Training
CCIE Security Certification and Training
CCIE Security Certification v6.0 is the highest and most prestigious certification from Cisco. It ranks No. 1 in the 10 Most Difficult IT Certifications list and is highly-valued worldwide. A CCIE certified individual is an elite title in the field of network engineering, proving their mastery in their domain of Cisco networking. The CCIE Security Certified experts have the knowledge and skills required to architect, engineer, implement, troubleshoot, and support the full suite of Cisco security technologies, using the latest methods to protect systems and environments against every kind of modern security risks, threats, and vulnerabilities.
The CCIE Security program is designed to include direct exposure on real Cisco Routers, Switches, Cisco ASA Firewalls, FirePower, WSA, ESA, FireAMP, Stealthwatch, Umbrella and NGIPS. The quality of the program, the testing methods, and the relevance of this certification enhances its value. At IP Rulers, the classes are facilitated by CCIE Security certified and experienced instructors, and students will be exposed to the latest equipment’s. With grouped as well as one-to-one classes and online tutorials that could be scheduled for weekdays or weekends in accordance to the students’ choice, IP Rulers is fast becoming a leading name in Dubai, UAE in achieving high-value Cisco Certification with a significant pass rate on the first attempt.
Target Audience:
- Network engineers attempting the core exam – (SCOR 350- 701).
- Network engineers who have five to seven years of professional experience in designing, deploying, operating and optimizing enterprise networking technologies.
- Network designers who design and support complex network technologies and topologies.
- Network engineers who use an expert-level problem-solving process (including options analysis) to support complex network technologies and topologies.
- IT students and professionals seeking strong expertise in the subject and an internationally recognized qualification in the same for prospective jobs.
- Candidates with CCNP R&S Certification, moving on to expert levels.
- Aspirants in the following job profiles:
- Network Designer
- Network Administrator
- Consulting Systems Engineer
- Technical Solutions Architect
- Network Manager
- Cisco Integrators and partners
Prerequisites:
- The CCIE Enterprise Infrastructure does not require any particular qualification for attendance of the course. However, comprehensive knowledge of the subjects is necessary for attending the examinations.
- Five to seven years’ experience in networking field, especially in designing, deploying, operating and optimizing security technologies will be an advantage to attempt the CCIE examination.
- Job roles of elite executives in the fast-paced world of Enterprise network .
- Industry-level knowledge and direct experience in implementation of core Cisco security solutions.
- Ability to recognize customer requirements and support proposed solutions.
- Enhanced job opportunities with sky-high career growth, coupled with respectable compensations.
- Expertise in all stages of implementing complex security solutions – from deploying, to operation and optimization.
- Specialist Certification for clearing the qualifying exam.
- Authority to link the CCIE Certification Badge to all social media profiles.
Gigi Vikraman
MD and Founder
4XCCIE (R&S, Security, Collaboration, DC)
Gigi Vikraman a quadruple CCIE has over 15 years of experience working in the Cisco networking field consulting and training. In addition, he has designed, implemented and supported numerous enterprise networks. He has been a dedicated CCIE instructor for over 10 years. He has extended his service in producing 400+ CCIE’s all over the world. Apart from all these, he has already proven his well knowledge in giving training on Fortinet, Palo Alto and Check Point.
Babu Varghese
Senior Cloud & Security Specialist
MCSE,RHCE,CCNP,CEH,CSA,CCSE,F5-CTS, AWS & Azure
Certified instructor with 20+ years of experience in the field of cloud and cybersecurity. Proven success in leveraging educational theories and methodologies to design, develop, and deliver successful training programs and integrate instructional technology to provide onsite and virtual training. Babu has helped IPRULERS in setting the bar for cloud and cyber security training and helping thousands of engineers to obtain their own certifications. He excels in corporate training and has excellent interpersonal skills that make him stand out. Babu has proven his knowledge and skills in delivering training for the Microsoft, Amazon, f5, Check Point, EC-Council, CompTIA & Cisco etc.
Duration
120 Hours
Modules
5
Skill Level
Expert
Language
English
Certificate
Yes
Mode
Online/Offline
Share :
Course Curriculam
1.1 Deployment modes on Cisco ASA and Cisco FTD
- Routed
- Transparent
- Single
- Multi-Context
- Multi-Instance
1.2 Firewall features on Cisco ASA and Cisco FTD
- NAT
- Application inspection
- Traffic zones
- Policy-based routing
- Traffic redirection to service modules
- Identity firewall
1.3 Security features on Cisco IOS/IOS-XE
- Application awareness
- Zone-Based Firewall (ZBFW)
- NAT
1.4 Cisco Firepower Management Center (FMC) features
- Alerting
- Logging
- Reporting
1.5 NGIPS deployment modes
- In-Line
- Passive
- TAP
1.6 Next Generation Firewall (NGFW) features
- SSL inspection
- user identity
- geolocation
- AVC
1.7 Detect, and mitigate common types of attacks
- DoS/DDoS
- Evasion Techniques
- Spoofing
- Man-In-The-Middle
- Botnet
1.8 Clustering/HA features on Cisco ASA and Cisco FTD
1.9 Policies and rules for traffic control on Cisco ASA and Cisco FTD
1.10 Routing protocols security on Cisco IOS, Cisco ASA and Cisco FTD
1.11 Network connectivity through Cisco ASA and Cisco FTD
1.12 Correlation and remediation rules on Cisco FMC
2.1 AnyConnect client-based remote access VPN technologies on Cisco ASA, Cisco FTD, and Cisco Routers.
2.2 Cisco IOS CA for VPN authentication
2.3 FlexVPN, DMVPN, and IPsec L2L Tunnels
2.4 Uplink and downlink MACsec (802.1AE)
2.5 VPN high availability using
- Cisco ASA VPN clustering
- Dual-Hub DMVPN deployments
2.6 Infrastructure segmentation methods
- VLAN
- PVLAN
- GRE
- VRF-Lite
2.7 Micro-segmentation with Cisco TrustSec using SGT and SXP
3.1 Device hardening techniques and control plane protection methods
- CoPP
- IP Source routing
- iACLs
3.2 Management plane protection techniques
- CPU
- Memory thresholding
- Securing device access
3.3 Data plane protection techniques
- uRPF
- QoS
- RTBH
3.4 Layer 2 security techniques
- DAI
- IPDT
- STP security
- Port security
- DHCP snooping
- RA Guard
- VACL
3.5 Wireless security technologies
- WPA
- WPA2
- WPA3
- TKIP
- AES
3.6 Monitoring protocols
- NetFlow/IPFIX/NSEL
- SNMP
- SYSLOG
- RMON
- eStreamer
3.7 Security features to comply with organizational security policies, procedures, and standards BCP 38
- ISO 27001
- RFC 2827
- PCI-DSS
3.8 Cisco SAFE model to validate network security design and to identify threats to different Places in the Network (PINs)
3.9 Interaction with network devices through APIs using basic Python scripts
- REST API requests and responses
- HTTP action verbs, error codes, cookies, headers
- JSON or XML payload
- Authentication
- Data encoding formats
- JSON
- XML
- YAML
3.10 Cisco DNAC Northbound APIs use cases
- Authentication/Authorization
- Network Discovery
- Network Device
- Network Host
4.1 ISE scalability using multiple nodes and personas.
4.2 Cisco switches and Cisco Wireless LAN Controllers for network access AAA with ISE.
4.3 Cisco devices for administrative access with ISE
4.4 AAA for network access with 802.1X and MAB using ISE.
4.5 Guest lifecycle management using ISE and Cisco Wireless LAN controllers
4.6 BYOD on-boarding and network access flows
4.7 ISE integration with external identity sources
- LDAP
- AD
- External RADIUS
4.8 Provisioning of AnyConnect with ISE and ASA
4.9 Posture assessment with ISE
4.10 Endpoint profiling using ISE and Cisco network infrastructure including device sensor
4.11 Integration of MDM with ISE
4.12 Certificate-based authentication using ISE
4.13 Authentication methods
- EAP Chaining
- Machine Access Restriction (MAR)
4.14 Identity mapping on ASA, ISE, WSA, and FTD
4.15 pxGrid integration between security devices WSA, ISE, and Cisco FMC
4.16 Integration of ISE with multi-factor authentication
4.17 Access control and single sign-on using Cisco DUO security technology
5.1 AMP for networks, AMP for endpoints, and AMP for content security (ESA, and WSA)
5.2 Detect, analyze, and mitigate malware incidents
5.3 Perform packet capture and analysis using Wireshark, tcpdump, SPAN, ERSPAN, and RSPAN
5.4 DNS layer security, intelligent proxy, and user identification using Cisco Umbrella
5.5 Web filtering, user identification, and Application Visibility and Control (AVC) on Cisco FTD and WSA.
5.6 WCCP redirection on Cisco devices
5.7 Email security features
- Mail policies
- DLP
- Quarantine
- Authentication
- Encryption
5.8 HTTPS decryption and inspection on Cisco FTD, WSA and Umbrella
5.9 SMA for centralized content security management
5.10 Cisco advanced threat solutions and their integration: Stealthwatch, FMC, AMP, Cognitive Threat Analytics (CTA), Threat Grid, Encrypted Traffic Analytics (ETA), WSA, SMA, CTR, and Umbrella
Download Course Brochure
For More details please download our brochure here.
OUR STUDENT SUCCESS
STORIES
Enquire Now
We are here to provide you with comprehensive assistance regarding all the details related to the courses and any other inquiries you may have. Please feel free to reach out to us for guidance and support.