Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
CCIE Security v5 by Khawar Butt
Rating: 4.3 out of 5(1,177 ratings)
7,861 students

CCIE Security v5 by Khawar Butt

CCIE Security Lab Bootcamp
Created byKhawar Butt
Last updated 6/2020
English

What you'll learn

  • Implementation of Security technologies in a practical hands-on training

Course content

11 sections67 lectures31h 33m total length
  • IPSec LAN - To - LAN VPN using Crypto Maps1:36:29

    Learn the fundamentals of IPsec VPN and set up a LAN-to-LAN tunnel using crypto maps, including phase one and phase two negotiations, Diffie-Hellman, pre-shared keys, and ACL-based traffic.

  • GRE Based VPN28:42
  • GRE Over IPSec - Tunnel Mode & Transport Mode29:37

    Explains GRE over IPsec by encrypting all traffic on the tunnel interface, contrasts tunnel mode and transport mode, and demonstrates applying an IPsec profile to secure packets.

  • S-VTI - Tunnel-Interface Based IPSec16:50

    Learn how to configure a native IPsec tunnel interface to connect sites, running IPsec as the tunnel protocol, enabling multicast routing and saving header overhead.

  • M-GRE27:29
  • DMVPN1:48:57

    Learn how DMVPN uses a hub-and-spoke NHS with dynamic mappings to create scalable tunnels, plus phase-based configurations and IPsec encryption for secure, direct spoke-to-spoke routing.

  • GET VPN1:04:11

    Get VPN encrypts traffic on a private WAN with a central key server; phase one distributes session keys, transform sets, and ACLs, while phase two encrypts data, using unicast rekeying.

  • VRF Aware VPNs42:32

    Explain virtual routing and forwarding (VRF) instances that isolate routing tables, assign interfaces to VRFs, and run protocols like OSPF within VRFs to enable VRF-aware VPNs and IPsec tunnels.

  • IKEv257:29

    Learn how IKEv2 enhances phase one establishment for site-to-site VPN, with scalable IKEv2 proposals, flexible pre-shared key options, certificate support, and streamlined crypto map and profile configuration.

  • Flex VPN - Site - To - Site using D-VTI & S-VTI25:21

    Explore flex vpn for site-to-site connectivity with a dynamic public ip. See how to configure a dynamic virtual tunnel interface from a template with unnumbered loopback and ipsec profiles.

  • Flex VPN - Spoke - To - Spoke using NHRP1:00:33

    Explore flex VPN hub-and-spoke design with a hub and spoke-to-spoke links via NHRP redirects. Implement dynamic tunnel interfaces, virtual templates, and address pools to push tunnel IPs to spokes.

  • LAN - To -LAN VPN using Router as a CA Server58:39

    Configure a LAN-to-LAN IPsec tunnel using certificates issued by a router acting as a certificate authority. Replace pre-shared keys with a public key infrastructure based solution, including enrollment and revocation.

Requirements

  • A solid understanding of the CCNP - R/S Concepts

Description

The CCIE Security v5 Bootcamp is an in depth course covering all the technologies required for the CCIE Security Lab Exam. The topics covered are:

1. VPNs

     - Basic LAN - To - LAN VPNs [IPSEC (Crypto Maps), GRE, GRE Over IPSec, S-VTI]

     - M-GRE

     - DMVPN

     - GET VPN

     - IKEv2 VPNs

     - Flex VPN

     - VRF Aware VPNs

     - Certificate Based VPNs

     - ASA Based VPNs (LAN-2-LAN, VPNs thru the ASA, Remote Access VPNs (WebVPN, AnyConnect)


2. Firewall

    - ASA Firewall (Basic Initialization, Routing, NAT, Redundancy, Virtualization)

    - Zone-Based Firewall (ZBF)

    - FTD (Basic Initialization, Routing, NAT, ACP, IPS)


3. Content Filtering

    - WSA (Basic Initialization - CLI, Basic Initialization - GUI, WCCP Relationship with Router, Access Policies)

    - ESA  (E-Mail Flow Overview, Basic Initialization - CLI, Basic Initialization - GUI, SMTP Relay Configuration, E-Mail Policies)


4. Wireless Networking

    - Overview of Wireless Networking (Controlled Based Wireless)

    - Networking configuration required for Wireless

    - Basic Initialization of the WLC

    - Basic Wireless LAN Setup


5. ISE Configuration

    - Overview of ISE

    - Wireless ISE (Dot1x Authentication)

    - Wired ISE (Dot1x Authentication, MAB)

    - Device Administration using ISE

Who this course is for:

  • Students preparing for the CCIE Security Exam