Monday, September 10, 2018

CCIE Security v5 Journey Expanded Blueprint- Post 2

This post will evolve over time as I work through the blueprint, I will list out the different topics as I go through them. Any topics that have free material available to learn the topic will be listed as well. There is a lot of free training available for those that can't afford to pay for premium content, like INEs AAP, which is kind of pricy, but in my opinion, its worth having for what it provides you access to. Lab Minutes also has paid content, the author there will release material to be public overtime. I have been through a small percentage of the material listed below. If I feel the material is valuable and worth it, I will list it here. Paid material is listed at the top, free or low cost material is lower. To keep track of any progress, I use NotePad++, I have copied the entire list below and I note next to it when I have watched it and completed the lab to test it out. There is a lot of content, so be patient when working the list. More content will likely be added later, but this is a pretty good start. I will also add Cisco Live content.

INE CCNP Security SENSS
Network Device Planes of Operation
Control Plane Policing :: Part 1
Control Plane Policing :: Part 2
Control Plane Protection
Routing Protocol Security
Management Plane Protection
Secure Device Management
SNMP Overview
SNMP Configuration :: Part 1
SNMP Configuration :: Part 2
NTP Overview :: Part 1
NTP Overview :: Part 2
NTP Configuration
Network Event Logging :: Part 1
Network Event Logging :: Part 2
Netflow :: Part 1
Netflow :: Part 2
AAA Overview :: Part 1
AAA Overview :: Part 2
IOS AAA Configuration :: Part 1
IOS AAA Configuration :: Part 2
ASA AAA Configuration :: Part 1
ASA AAA Configuration :: Part 2
ASA AAA Configuration :: Part 3
Port Security
DHCP Snooping Overview :: Part 1
DHCP Snooping Overview :: Part 2
DHCP Snooping Configuration
Dynamic ARP Inspection Overview
Dynamic ARP Inspection Configuration
IP Spoofing Overview
IP Spoofing Configuration
STP Security Toolkit
Storm Control
Private VLAN Overview
Private VLAN Configuration
NAT Overview :: Part 1
NAT Overview :: Part 2
Static NAT Configuration
Dynamic NAT Configuration
Policy NAT Configuration :: Part 1
Policy NAT Configuration :: Part 2
Zone Based Policy Firewall Overview
Two Zone Firewall Configuration :: Part 1
Two Zone Firewall Configuration :: Part 2
Two Zone with NAT Firewall Configuration
Three Zone Firewall Configuration :: Part 1
Three Zone Firewall Configuration :: Part 2
Zone Based Policy Firewall Tuning Overview
Zone Based Policy Firewall Tuning Configuration
Zone Based Policy Firewall Application Inspection :: Part 1
Zone Based Policy Firewall Application Inspection :: Part 2
Zone Based Policy Firewall Self Zone :: Part 1
Zone Based Policy Firewall Self Zone :: Part 2
ASA Firewall Overview :: Part 1
ASA Firewall Overview :: Part 2
ASA Firewall ACL Overview :: Part 1
ASA Firewall ACL Overview :: Part 2
ASA Firewall ACL Configuration :: Part 1
ASA Firewall ACL Configuration :: Part 2
ASA Firewall Object Groups
ASA Identity Firewall Overview :: Part 1
ASA Identity Firewall Overview :: Part 2
ASA Firewall Modular Policy Framework Overview :: Part 1
ASA Firewall Modular Policy Framework Overview :: Part 2
ASA Firewall MPF Advanced Inspections :: Part 1
ASA Firewall MPF Advanced Inspections :: Part 2
ASA Firewall MPF Dynamic Protocol Inspection :: Part 1
ASA Firewall MPF Dynamic Protocol Inspection :: Part 2
ASA Firewall MPF Application Inspection
ASA Firewall NAT Overview
ASA Firewall Object NAT Configuration
ASA Firewall Twice NAT Configuration :: Part 1
ASA Firewall Twice NAT Configuration :: Part 2

CCNP Security SITCS 207
Web Security Appliance
Web Security Overview 
What is WSA? :: Part 1 
What is WSA? :: Part 2 
WSA Models, Interface & Licensing 
Explicit Mode Overview 
PAC File Overview 
Transparent Mode 
WSA Identities 
WSA Acceptable Use Controls 
WSA Access Policies Overview :: Part 1 
WSA Access Policies Overview :: Part 2 
WSA Access Policies Configuration :: Part 1 
WSA Access Policies Configuration :: Part 2 
WSA Access Policies Configuration :: Part 3 
WSA Access Policies Configuration :: Part 4 
WSA Decryption Policies Overview :: Part 1 
WSA Decryption Policies Overview :: Part 2 
WSA Decryption Policies Configuration 
WSA Outbound Policies 
WSA Transparent Mode with WCCP :: Part 1 
WSA Transparent Mode with WCCP :: Part 2 
WSA User Authentication Overview 
WSA User Authentication Configuration :: Part 1 
WSA User Authentication Configuration :: Part 2 
WSA User Authentication Overview 
Cloud Web Security
CWS Overview 
CWS Licensing 
CWS Traffic Redirection :: Part 1 
CWS Traffic Redirection :: Part 2 
CWS Traffic Redirection :: Part 3 
CWS ASA Connector :: Part 1 
CWS ASA Connector :: Part 2 
CWS ISR G2 Connector :: Part 1 
CWS ISR G2 Connector :: Part 2 
CWS AnyConnect Connector 
ScanCenter Web Filtering Policy 
ASA-CX
ASA-CX Overview 
ASA-CX Models & Licensing 
ASA-CX Deployment Modes 
ASA-CX Policy Objects 
ASA-CX Access Policies 
ASA-CX Decryption Policies 
ASA-CX Identity Policies 
Total Duration: 2hrs 
Email Security
Email Security Overview 
ESA Overview 
ESA Modeling & Licensing

CCNP Security SISAS
AAA Framework
AAA Protocols 
RADIUS 
TACACS+ 
Cisco's Authentication Servers 
ISE Overview 
Authentication & Authorization
ISE Management & Authentication Policies 
MAC Authentication Bypass :: MAB 
MAB Layer 2 Authentication 
MAB Verification & Troubleshooting 
MAB & 802.1x Common Authorizations 
MAB & EAP Common Authorizations 
Authorization Verification Troubleshooting 
ACL Authorization :: dACL 
ACL Authorization :: Filter-ID ACL 
ACL Authorization :: Per-User ACL 
Extensible Authentication Protocol (EAP) 
Common EAP Tunneled Methods 
Common EAP Non-Tunneled Methods 
802.1x Configuration Steps 
Deploying EAP :: Part 1 
Deploying EAP :: Part 2 
EAP-FASTv1 Implementation 
ISE Identity Sources 
Authentication Against AD 
AD Integration 
ISE Application Server 
Identity Prefix & Suffix Strip 
User & Machine Authorization Policies :: Part 1 
User & Machine Authorization Policies :: Part 2 
Deploying EAP TLS 
Issuing Certificates on ISE 
Enrolling Users on a Certificate 
User Authentication using EAP TLS 
Importing CA Certificates 
EAP-FASTv2 Chaining :: Part 1 
EAP-FASTv2 Chaining :: Part 2 
EAP-FASTv2 Chaining :: Part 3 
Phased Deployment
Default Supplicant Network Access 
Total Duration: 
Layer 3 Authentication
Layer 3 Authentication 
Central Web Authentication Workflow 
Phase 1 Configuration 
Phase 2 Configuration 
ISE Guest Services 
Bring Your Own Device (BYOD) 
Wi-Fi Deployments 
Portal Policy 
EAP-FASTv2 Chaining :: Part 4 
EAP-FASTv2 Chaining :: Part 5 
Total Duration: 3hrs 
Endpoint Profiling
EndPoint Profiling 
Profiling Policies 
ISE Authorization Flow with Profiling 
Profiling Configuration :: Part 1 
Profiling Configuration :: Part 2 
Profiling Configuration :: Part 3 
Device Sensor Overview 
Posture Assessment
Posture Assessment Overview 
Posture Services 
Posture Configuration :: Part 1 
Posture Configuration :: Part 2 
Posture Configuration :: Part 3 
Posture Configuration :: Part 4 
Total Duration: 2hrs 
TrustSec
Layer 2 Encryption (MACSec) 
Security Group Tags (SGT) 
MACSec Implementation :: Part 1 
MACSec Implementation :: Part 2

CCNP Security SIMOS
VPN Concepts
Virtual Private Network (VPN) 
Secure VPN 
VPN Fundamentals 
Cryptographic Hashing Algorithms 
Digital Signatures 
Next-Generation Cryptography/Encryption 
VPN Logical Topologies 
IKEv1 IPsec VPN
IKEv1 Overview 
IKEv1 Phase 1 
IKEv1 Phase 2 
IKEv1 IPsec Control-Plane & Data-Plane 
IKEv1 IPsec VPN Types 
IOS Steps 
ASA Steps 
IKEv1 IPsec Crypto-Map Configuration :: Part 1 
IKEv1 IPsec Crypto-Map Configuration :: Part 2 
IKEv1 IPsec Verification & Troubleshooting :: Part 1 
IKEv1 IPsec Verification & Troubleshooting :: Part 2 
IKEv1 IPsec Verification & Troubleshooting :: Part 3 
IKEv1 IPsec Verification & Troubleshooting :: Part 4 
DPD & IKEv1 DPD 
IPsec Peer Availability Check 
IKEv1 DPD on IOS 
DPD Verification :: Part 1 
DPD Verification :: Part 2 
DPD Verification :: Part 3 
NAT-T Overview 
NAT-T Example 
GRE with IPsec Option A & B, IPsec Profile 
GRE with IPsec Example :: Part 1 
GRE with IPsec Example :: Part 2 
IPsec with SVTI :: Part 1 
IPsec with SVTI :: Part 2 
DMVPN Fundamentals 
NHRP & Important Messages 
DMVPN Routing, Spoke to Hub, & Spoke to Spoke 
DMVPN Phase 1 (Now obsolete) :: Part 1 
DMVPN Phase 1 (Now obsolete) :: Part 2 
DMVPN Phase 1 (Now obsolete) :: Part 3 
DMVPN Phase 2 ( Now Obsolete) :: Part 1 
DMVPN Phase 2 ( Now Obsolete) :: Part 2 
DMVPN Phase 3 Mandatory Configuration 
DMVPN & IKEv1sec, DMVPN & Crypto IPsec Profiles 
IPsec tunnels :: Part 1 
IPsec tunnels :: Part 2 
GETVPN 
GETVPN Control-Plane Phases 
GDOI TEK Rekey 
GETVPN Logical Topology, Routing, & Connectivity Requirements 
Total Duration: 10hrs 
IKEv2 IPsec VPN
IKEv2 Fundamentals 
IKEv2 Configuration Exchange 
FlexVPN & FlexVPN Building Blocks 
IKEv2 FlexVPN SVTI with PSK 
IKEv2 FlexVPN SVTI with PSK (Con't) 
Public Key Infrastructure Overview 
IKEv2 Flex VPN Configuration :: Part 1 
IKEv2 Flex VPN Configuration :: Part 2 
IKEv2 Flex VPN Configuration :: Part 3 
IKEv2 Flex VPN Configuration :: Part 4 
IKEv2 FlexVPN Hub-and-Spoke :: Part 1 
IKEv2 FlexVPN Hub-and-Spoke :: Part 2 
IKEv2 FlexVPN Hub-and-Spoke :: Part 3 
IKEv2 FlexVPN Authorization Policy 
FlexVPN Hub-Spoke Routing Challenge :: Part 1 
FlexVPN Hub-Spoke Routing Challenge :: Part 2 
FlexVPN Spoke-to Spoke Part 1 
FlexVPN Spoke-to Spoke Part 2 
FlexVPN Spoke-to Spoke Part 3 
SSL VPN
SSL VPN Fundamentals :: Part 1 
SSL VPN Fundamentals :: Part 2 
AnyConnect Fundamentals 
ASA VPN Building Blocks 
Cisco ASA VPN Building Blocks 
SSL VPN Tunnel-Group Matching 
ASA Clientless SSL VPN Overview 
ASA Configuration Steps 
ASA Verification & Troubleshooting Steps :: Part 1 
ASA Verification & Troubleshooting Steps :: Part 2 
ASA Verification & Troubleshooting Steps :: Part 3 
ASA Verification & Troubleshooting Steps :: Part 4 
ASA Clientless SSL VPN Certificate Authentication 
CA Options & ASA Configuration Steps :: Part 1 
CA Options & ASA Configuration Steps :: Part 2 
CA Options & ASA Configuration Steps :: Part 3 
ASA Clientless SSL VPN Multiple Authentication :: Part 1 
ASA Clientless SSL VPN Multiple Authentication :: Part 2 
SSL VPN ACL 
AnyConnect SSL VPN on ASA 
Additional ASA Verification & Troubleshooting 
SSL VPN Authorization Options 
ISE Configuration Steps :: Part 1 
ISE Configuration Steps :: Part 2 
ISE Configuration Steps :: Part 3 
AnyConnect IKEv2 IPsec :: Part 1 
AnyConnect IKEv2 IPsec :: Part 2

INE CCIE Security v4 Playlist
ASA Firewall Overview
ASA Basic Initialization
ASA IP Routing
ASA ACLs
ASA High Availability Overview
ASA Active/Standby Failover
ASA Multiple Context Mode Overview
ASA Multiple Context Mode Configuration
ASA Active/Active Failover
ASA Transparent Firewall
ASA Transparent Firewall & ARP Filtering
ASA Transparent Failover
ASA Modular Policy Framework (MPF) Overview
ASA Modular Policy Framework (MPF) Configuration
ASA Advanced TCP Inspection with MPF
ASA Advanced Application Inspection with MPF
ASA Quality of Service (QoS)
ASA Network Address Translation (NAT) Part  1
ASA Network Address Translation (NAT) Part  2
ASA Redundant Interfaces
Standard, Extended, Time Based, & Dynamic ACLs
Reflexive ACLs
TCP Intercept
Content Based Access Control (CBAC)
CBAC High Availability
Zone Based Firewall (ZBPF) Overview
ZBPF Configuration
Port to Application Mapping (PAM)
ZBPF Parameter Tuning
ZBPF Application Inspection
IOS Transparent Firewall
ZBPF Transparent Firewall
IPsec VPN Overview
IOS LAN-to-LAN IPsec Configuration
IPsec Verification & Troubleshooting
ASA LAN-to-LAN IPsec Configuration
IOS & ASA PKI Overview
IPsec & PKI Certificates
GRE over IPsec Tunnels
IPSec Profiles & Virtual Tunnel Interfaces (VTIs)
Easy VPN Overview
IOS Easy VPN Server
IOS Easy VPN Client
IOS Easy VPN with Dynamic VTIs, ISAKMP Profiles
ASA Easy VPN Server
ASA Easy VPN Server & IOS Easy VPN Client
ASA Clientless & AnyConnect SSL VPN
DMVPN
IPS Overview, Promiscuous Mode & SPAN
IPS Promiscuous Mode & RSPAN
IPS Blocking Devices & Custom Signatures
IPS Inline Mode, VLAN Pairing
IPS Virtual Sensors and Signature Engines
WSA Overview & Initial Setup
WSA Management, Identities, & Access Policies
WSA HTTP Session Processing
WSA Transparent Mode & WCCP L2 Mode
WSA Transparent Mode & WCCP GRE Mode
WSA HTTPS Decryption Policies
AAA Overview, Local AAA, & Role Based CLI
IOS AAA with ACS
ASA AAA with ACS
ACS IOS Auth-Proxy Authentication
ACS IOS Auth-Proxy Authorization
ACS ASA Cut-Through Proxy
ISE Overview
802.1x, MAB, & EAP Overview
ISE MAB Authentication
ISE 802.1x & MAB Authorization
ISE 802.1x Authentication
ISE MACsec
ISE Central Web Authentication
ISE Profiling
Wireless Overview
Wireless Client Authentication
Wireless Central Web Authentication
Wireless Control Plane Security
ASA ACLs :: Part  1
ASA ACLs :: Part  2
ASA Object NAT :: Part  1
ASA Object NAT :: Part  2
ASA Twice NAT :: Part  1
ASA Twice NAT :: Part  2
ASA Twice NAT :: Part  3
IOS Static NAT :: Part  1
IOS Static NAT :: Part  2
IOS Dynamic & Stateful NAT
IOS NVI NAT
VRF Aware IPsec with CMAP
VRF Aware IPsec with GRE
IPsec High Availability :: Part  1
IPsec High Availability :: Part  2
IPsec Stateful High Avalability
GETVPN
GETVPN COOP
IKEv L2L on IOS & ASA :: Part 1
IKEv L2L on IOS & ASA :: Part  2
IKEv FlexVPN Client & Server :: Part  1
IKEv FlexVPN Client & Server :: Part  2
DTP & Port Security
VACL and PVLAN
DHCP Snooping &DAI & IPSG :: Part  1
DHCP Snooping &DAI & IPSG :: Part  2
IPv6 FHS From First Hop Security

Jason Maynard Cisco VoD YT Channel
FTD 6.1
Cisco Firepower Threat Defense: OVF Deployment
Cisco Firepower Threat Defense: Quick Installation NGFW
Cisco Firepower Threat Defense: Quick Installation Firepower Management Center
Cisco Firepower Threat Defense: Routed Mode Interface Configuration
Cisco Firepower Threat Defense: Passive Interface
Cisco Firepower Threat Defense: Routing Configuration
Cisco Firepower Threat Defense: NAT Configuration
Cisco Firepower Threat Defense: DHCP
Cisco Firepower Threat Defense: Platform Policy
Cisco Firepower Threat Defense: Enable Security Intelligence
Cisco Firepower Threat Defense: Access Policy Creation (Basic)
Cisco Firepower Threat Defense: Access Policy Creation (Application)
Cisco Firepower Threat Defense: Access Policy Creation (URL)
Cisco Firepower Threat Defense: Malware Policy
Cisco Firepower Threat Defense: Malware Analysis
Cisco Firepower Threat Defense: IPS Policy Balanced
Cisco Firepower Threat Defense: PortScan Detection
Cisco Firepower Threat Defense: DLP Sensitive Data
Cisco Firepower Threat Defense: Network Discovery
Cisco Firepower Threat Defense: NGIPS Tuning Firepower Recommendation
Cisco Firepower Threat Defense: SSL Decryption
Cisco Firepower Threat Defense: Fix MS Win2008R2 Certificate SHA1
Cisco Firepower Threat Defense: DNS Sinkholing
Cisco Firepower Threat Defense: DNS Sinkholing Packet Capture
Cisco Firepower Threat Defense: DNS Sinkhole Tweaking for the Analyst
Cisco Firepower Threat Defense: CloudLock Cloud Application Discovery Report (Shadow IT)
Cisco Firepower Threat Defense: Visibility into Cloud Applications Shadow IT
Cisco Firepower Threat Defense: Application Based Rate Limiting
Cisco Firepower Threat Defense: Prefilter Policy Fast Path
Cisco Firepower Threat Defense: Security Intelligence Feeds IPs, Domains, URLs
Cisco Firepower Threat Defense: RBAC (Predefined and Custom)
Cisco Firepower Threat Defense: Simple Syslog Alerting
Cisco Firepower Threat Defense: Value of Host Profiles
Cisco Firepower Threat Defense: NMAP Scanner Host Profile
Cisco Firepower Threat Defense: NMAP Scanner Scheduled Network Scan
Cisco Firepower Threat Defense: HA Active/Standby Failover Deployment
Cisco Firepower Threat Defense: Integrating Active Directory (User/Group Based Policies)
Cisco Firepower Threat Defense: Inline Set IPS (Routed Mode)
Cisco Firepower Threat Defense: Adding NICs to FTDv virtual NGFW
Cisco Firepower Threat Defense: Convert ASA to FTD
POV Cisco FTD and FMC (Spanned Deployment)
Firepower Threat Defense - Common Practice Guide Walkthrough
Cisco Firepower Threat Defense 6 2 2: Some differences when leveraging Firepower
FMC 101v2: A Network Administrators Perspective on Steroids

FTD 6.2
Cisco Firepower Threat Defense 6 2: Advanced Troubleshooting (Packet Tracer)
Firepower Threat Defense 6 2: Advanced Troubleshooting (Packet Capture)
Firepower Threat Defense 6 2: FlexConfig (EIGRP)
Firepower Threat Defense 6 2: FlexConfig (Netflow)
Firepower Threat Defense 6 2: Network Analysis Policy
Firepower Threat Defense 6 2: Correlation Policy
Firepower Threat Defense 6 2: Enabling Cisco Umbrella OpenDNS ( Forwarders/Destination NAT)
Firepower Threat Defense 6 2: Enabling Cisco Umbrella on FTD (All DNS and Dest NAT)
Firepower Threat Defense 6 2: Custom Workflow (Access Policy Hit Count)
Firepower Threat Defense 6 2: Change Management IP on Existing NGFW device
Firepower Threat Defense 6 2: NGIPS Custom Signature (FTP STOR CMD)
Firepower Threat Defense 6 2: Application Control (FTP Upload Block)
Firepower Threat Defense 6 2: FMC and Endpoint AMP (Integration)
Firepower Threat Defense 6 2 2: Firepower Threat Defense DHCP Server
Cisco Firepower Threat Defense 6.2.2: Site 2 Site VPN (Point to Point)
Cisco Firepower Threat Defense 6 2 2: RA VPN (AD and Device Self-Signed Cert)
Cisco Firepower Threat Defense 6 2 2: Analysis (Lookups - GEO, URLs, WHOIS)
Cisco Firepower Threat Defense 6 2 2 : Threat Intelligence Director (Flat File)
Cisco Firepower Threat Defense 6 2 2: Threat Intelligence Director (Hail A TAXII)
Cisco Firepower Threat Defense 6.2.2: Threatgrid Portal Integration
Cisco Firepower Threat Defense 6 2 2: SSL/TLS Decrypt
Cisco Firepower Threat Defense 6 2 2: Integrated Routing and Bridging
Cisco Firepower Threat Defense 6.2.3: Block QUIC force TCP TLS/SSL for Decryption
Firepower Threat Defense - Common Practice Guide Walkthrough
Cisco Firepower Threat Defense 6 2 2: Some differences when leveraging Firepower
FMC 101: A Network Administrators Perspective
FMC 101v2: A Network Administrators Perspective on Steroids

Cisco StealthWatch
Cisco StealthWatch: FlowCollector (Adding Firepower Threat Defense 6.2)
Cisco Stealthwatch: Analyzing Flows (Flow Filter)
Cisco Stealthwatch: Analyzing Flows (Quick View)
Cisco Stealthwatch: Analyzing Flows (Flow Analysis Scenarios - CI HOST)
Cisco Stealthwatch: Analyzing Flows (Flow Analysis Scenarios - Application Spikes)
Cisco Stealthwatch: Analyzing Flows (Flow Analysis Scenarios - Overloaded Interfaces)
Cisco Stealthwatch: Analyzing Flows (Flow Analysis Scenarios - Network Slow)
Cisco Stealthwatch: Analyzing Flows (Flow Analysis Scenarios - Malware)
Cisco Stealthwatch: Analyzing Flows (Flow Analysis Scenarios - Botnet)
Cisco Stealthwatch: Analyzing Flows (Flow Analysis Scenarios - Copyright Infringement)
Cisco Stealthwatch: Analyzing Flows (External Lookup)
Cisco Stealthwatch: Alarms (Responding)
Stealthwatch: The Whiteboard

Cisco Umbrella
Cisco Umbrella: Policy Build and Full Deployment Network
Cisco Umbrella: Policy Build and Full Deployment (Roaming Client)
Cisco Umbrella: Policy Build (Internal Network AD Integration)
Enabling Cisco Umbrella (OpenDNS) on FTD: (Forwarders and Destination NAT)
Enabling Cisco Umbrella OpenDNS on FTD: (All DNS Requests and Destination NAT)
Cisco Anyconnect: Intergration with Umbrella - User Experience
Cisco Anyconnect: Umbrella Integration Configuration
Cisco Umbrella: Intelligent Proxy (SSL Decrypt)

Cisco AnyConnect with Umbrella
Cisco Anyconnect: Integration with Umbrella - User Experience
Cisco Anyconnect: Remote Access VPN (AD Integration)
Cisco Anyconnect: Remote Access VPN (Dual Authentication)
Cisco Anyconnect: Umbrella Integration Configuration
Cisco Anyconnect: Remote Access PerAPP VPN with MDM Configuration
Cisco Anyconnect: iPhone with MDM perAPP VPN (User Experience)
Cisco Anyconnect: Corporate and Non-Corporate (User Experience)

Endpoint AMP
Cisco Endpoint AMP: Quick Start (Windows)
Cisco Endpoint AMP: Analysis (Zero Access)
Cisco Endpoint AMP: Analysis (WannaCry)
Cisco Endpoint AMP: Analysis (Low Prevalence)
Cisco Endpoint AMP: Analysis (Command Line Kovter)
Cisco Endpoint AMP: Analysis: Command Line Capture (Meterpreter)
Cisco Endpoint AMP: Analysis (SF-EICAR)

Lab Minutes ACS 5.4 - http://www.labminutes.com/video/sec/ACS
ACS 5.4 Patch Install and Remove
ACS 5.4 Backup Restore
ACS 5.4 Distributed Deployment
ACS 5.4 Object Export Add Update and Delete
ACS 5.4 Directory Attribute and User Custom Attribute
ACS 5.4 AnyConnect VPN RADIUS Authentication and Authorization
ACS 5.4 Wireless 802.1X PEAP EAP-TLS with Machine Authentication (Part 2)
ACS 5.4 Wireless 802.1X PEAP EAP-TLS with Machine Authentication (Part 1)
ACS 5.4 Wired 802.1X PEAP EAP-TLS with Machine Authentication (Part 2)
ACS 5.4 Wired 802.1X PEAP EAP-TLS with Machine Authentication (Part 1)
ACS 5.4 Wired and Wireless MAC Authentication Bypass (MAB) (Part 2)
ACS 5.4 Wired and Wireless MAC Authentication Bypass (MAB) (Part 1)
ACS 5.4 TACACS Device Admin on WLC
ACS 5.4 Shell Privilege and Command Authorization
ACS 5.4 TACACS Device Admin on Switch and ASA (Part 2)
ACS 5.4 TACACS Device Admin on Switch and ASA (Part 1)
ACS 5.4 LDAP Integration and Identity Store Sequences
ACS 5.4 AD Integration and Identity Store Sequences
ACS 5.4 Certificate Install
ACS 5.4 Introduction to Web Interface and Basic Configuration
ACS 5.3 VMware Installation

ISE 1.1 - 2.2
ISE 1.1 VMware Installation 
ISE 1.1 Node Registration with Self-Signed Certificate 
ISE 1.1 Node Registration with CA-Signed Certificate 
ISE 1.1 Introduction to Web Interface & Basic Configuration 
ISE 1.1 AD Integration and Identity Source Sequence 
ISE 1.1 LDAP Integration and Identity Source Sequence 
ISE 1.1 Device Admin RADIUS Authentication 
ISE 1.1 Device Admin RADIUS Authorization 
ISE 1.1 Backup Restore 
ISE 1.1 802.1X Switch & WLC Recommended Config 
ISE 1.1 Profiling, Probing, and MAC Authentication Bypass 
ISE 1.1 Wired 802.1X and Machine Authentication with PEAP 
ISE 1.1 Wireless 802.1X and Machine Authentication with PEAP 
ISE 1.1 Wired 802.1X and Machine Authentication with EAP-TLS 
ISE 1.1 Wireless 802.1X and Machine Authentication with EAP-TLS 
ISE 1.1 iPhone SCEP Certificate Install with EAP-TLS
ISE 1.1 User and Machine Authentication with EAP Chaining 
ISE 1.1 BYOD (Part 1) - Wired 802.1X Onboarding 
ISE 1.1 BYOD (Part 2) - Wireless Onboarding Single SSID 
ISE 1.1 BYOD (Part 3) - Wireless Onboarding Single SSID Testing 
ISE 1.1 BYOD (Part 4) - Wireless Onboarding Dual SSID 
ISE 1.1 BYOD (Part 5) - Wireless Onboarding Dual SSID Testing 
ISE 1.1 Posture Assessment with NAC Agent 
ISE 1.1 Posture Assessment with Web Agent 
ISE 1.1 Sponsor and Guest 
ISE 1.1 Patch Install and Rollback 
ISE 1.1 Security Group Access (SGA) with ASA 9.1 TrustSec 
Windows 2008 Enterprise CA SCEP Installation 
Windows 2008 CA SCEP Auto-Enrollment Options 
Windows 2008 CA User and Computer Certificate Auto-Enrollment 
Windows 2008 Wired and Wireless Setting Deployment with GPO 
Introduction to Cisco TrustSec 

ISE 1.2 VMware Sizing and Installation 
ISE 1.1 to 1.2 Upgrade 
ISE 1.2 New Features 
ISE 1.2 Distributed Deployment with Wildcard Certificate 
ISE 1.2 Endpoint Protection Service (EPS) 
ISE 1.2 AnyConnect VPN RADIUS Authentication and Authorization
ISE 1.2 Wireless 802.1X Authorization with FlexConnect 
ISE 1.2 BYOD Wireless Onboarding Single SSID 
ISE 1.2 BYOD MDM Integration 
ISE 1.2 Wireless Guest with HTML Customized Portal 

ISE 1.3 VMware Installation 
ISE 1.3 New Features and Web Interface Update 
ISE 1.3 Certificate and Node Registration 
ISE 1.3 Multi-Domain AD Integration 
ISE 1.3 Wired 802.1X with EAP-TLS and PEAP 
ISE 1.3 Wireless 802.1X with EAP-TLS and PEAP 
ISE 1.3 Internal Certificate Authority (CA) Setup 
ISE 1.3 BYOD Wired 802.1X Onboarding (Internal CA) 
ISE 1.3 BYOD Wireless Onboarding with Single SSID (Internal CA) 
ISE 1.3 BYOD Wireless Onboarding with Dual SSID (Internal CA) 
ISE 1.3 BYOD Certificate Renewal 
ISE 1.3 BYOD, MyDevices, and Blacklist Portals and Customization
ISE 1.3 BYOD Meraki MDM Integration 
ISE 1.3 Posture Assessment with AnyConnect Client 
ISE 1.3 Posture Assessment on AnyConnect VPN 
ISE 1.3 Guest Access with Hotspot 
ISE 1.3 Guest Access with Sponsor Guest
ISE 1.3 Guest Access with Self-Registration 
ISE 1.3 802.1X and CWA Chaining 
ISE 1.3 Guest Access Posture Compliance 
ISE 1.3 Guest Access Portal Customization
ISE 1.3 pxGrid
ISE 1.3 Administration Login 

ISE 2.0 New Features and Web Interface Update 
ISE 2.0 TACACS+ Device Admin with Shell Profile 
ISE 2.0 TACACS+ Device Admin with Command Authorization 
ISE 2.0 Migration Tool 
ISE 2.0 802.1X Switch Config with Identity Cotrol Policy 
ISE 2.0 3rd Party NAD (Aruba MAB 802.1X)
ISE 2.0 3rd Party NAD (Aruba Guest Posture BYOD) 
ISE 2.0 Location Based Authorization 
ISE 2.0 Certificate Provisioning Portal 
ISE 2.0 Internal CA SCEP with AnyConnect VPN 
ISE 2.0 Meraki MDM with Wireless 
ISE 2.0 Meraki MDM with AnyConnect VPN
ISE 2.0 TrustSec - Network Device Authentication 
ISE 2.0 TrustSec - SGT Assignment 
ISE 2.0 TrustSec - SGACL 
ISE 2.0 TrustSec - FlexVPN and ZBFW 
ISE 2.0 TrustSec - SXP 
ISE 2.0 TrustSec - MACsec 
ISE 2.0 pxGrid with ASA Firepower 
ISE 2.0 Adaptive Network Control (ANC) 

ISE 2.2 VMware Sizing and Installation 
ISE 2.2 License Install and Smart Licensing 
ISE 2.2 New Features and Intro to Web Interface
ISE 2.2 Certificate and Node Registration 
ISE 2.2 Device Profiling and Probing 
ISE 2.2 MAC Authentication Bypass (MAB) 
ISE 2.2 Wired 802.1X with EAP-TLS and PEAP 
ISE 2.2 Wireless 802.1X with EAP-TLS and PEAP 
ISE 2.2 User and Machine Authentication with EAP Chaining 
ISE 2.2 BYOD Wired 802.1X Onboarding 
ISE 2.2 BYOD Wireless Onboarding with Single SSID 
ISE 2.2 BYOD Wireless Onboarding with Dual SSID 
ISE 2.2 Posture Assessment with AnyConnect Client 
ISE 2.2 Posture Stealth Mode and 3rd Party NAD 
ISE 2.2 Guest Access with Hotspot 
ISE 2.2 Guest Access with Sponsored Guest 
ISE 2.2 Guest Access with Self-Registration 
ISE 2.2 Easy Wireless Setup 
ISE 2.2 PassiveID and pxGrid 
ISE 2.2 Easy Connect 
ISE 2.2 Threat Centric NAC (TCN) 
ISE 2.2 Anomalous Endpoint 
ISE 2.2 Backup Restore 
ISE 2.2 Distributed Deployment Upgrade 
ISE 2.2 Patch Install and Rollback 

Lab Minutes FlexVPN
FlexVPN Introduction to IKEv2
FlexVPN IKEv2 Basic Configuration (Part 1)
FlexVPN IKEv2 Basic Configuration (Part 2)
FlexVPN IKEv2 Basic Configuration (Part 3)
FlexVPN L2L with Pre-Shared Key (Part 1)
FlexVPN L2L with Pre-Shared Key (Part 2)
FlexVPN L2L with Pre-Shared Key (Part 3)
FlexVPN L2L with Certificate (Part 1)
FlexVPN L2L with Certificate (Part 2)
FlexVPN L2L with Certificate (Part 3)
FlexVPN L2L with Static and Dynamic Routing (Part 1)
FlexVPN L2L with Static and Dynamic Routing (Part 2)
FlexVPN L2L with Next Generation Encryption (Part 1)
FlexVPN L2L with Next Generation Encryption (Part 2)
FlexVPN L2L with Dynamic Virtual Tunnel Interface (DVTI) (Part 1)
FlexVPN L2L with Dynamic Virtual Tunnel Interface (DVTI) (Part 2)
FlexVPN L2L with Dynamic Virtual Tunnel Interface (DVTI) (Part 3)
FlexVPN L2L with dVTI and External PSK (Part 1)
FlexVPN L2L with dVTI and External PSK (Part 2)
FlexVPN L2L with Spoke-to-Spoke (Part 1)
FlexVPN L2L with Spoke-to-Spoke (Part 2)
FlexVPN Server with Router Client (Part 1)
FlexVPN Server with Router Client (Part 2)
FlexVPN Server with Router Client (Part 3)
FlexVPN Server with Router Client (Part 4)
FlexVPN Server with AnyConnect Client (Part 1)
FlexVPN Server with AnyConnect Client (Part 2)
FlexVPN Server with AnyConnect Client (Part 3)
FlexVPN Server with Windows IKEv2 Client (Part 1)
FlexVPN Server with Windows IKEv2 Client (Part 2)
FlexVPN Server with Local and External Authorization (Part 1)
FlexVPN Server with Local and External Authorization (Part 2)
FlexVPN Server with Local and External Authorization (Part 3)
FlexVPN with FVRF and IVRF (Part 1)
FlexVPN with FVRF and IVRF (Part 2)
FlexVPN with FVRF and IVRF (Part 3)
FlexVPN Redundancy with Dual Hub Dual Cloud (Part 1)
FlexVPN Redundancy with Dual Hub Dual Cloud (Part 2)
FlexVPN Redundancy with Dual Hub Dual Cloud (Part 3)
FlexVPN Redundancy with Dual Hub Single Cloud (Part 1)
FlexVPN Redundancy with Dual Hub Single Cloud (Part 2)
FlexVPN Redundancy with Dual Hub Single Cloud (Part 3)
FlexVPN Redundancy with Dual Hub Single Cloud (Part 4)

SSLVPN ClientlessSSL VPN ASA Certificate Install
SSL VPN Tunnel-Group Group-Policy (Part 1)
SSL VPN Tunnel-Group Group-Policy (Part 2)
SSL VPN Clientless Bookmark and Auto-Sign On
SSLVPN Clientless Plugins
SSLVPN Clientless Port Forwarding
SSLVPN Clientless Smart Tunnel (Part 1)
SSLVPN Clientless Smart Tunnel (Part 2)
SSLVPN Clientless Web ACL and Smart Tunnel Security (Part 1)
SSLVPN Clientless Web ACL and Smart Tunnel Security (Part 2)

SSLVPN AnyConnect
SSLVPN AnyConnect Client Basic (Part 1)
SSLVPN AnyConnect Client Basic (Part 2)
SSLVPN AnyConnect Client Address Assignment
SSLVPN AnyConnect Client External Group Policy
SSLVPN AnyConnect Client LDAP Attribute Mapping
SSLVPN AnyConnect Client Certificate and Double Authentication (Part 1)
SSLVPN AnyConnect Client Certificate and Double Authentication (Part 2)
SSLVPN AnyConnect Hostscan and Endpoint Assessment (Part 1)
SSLVPN AnyConnect Hostscan and Endpoint Assessment (Part 2)
SSLVPN AnyConnect Dynamic Access Policy (DAP) (Part 1)
SSLVPN AnyConnect Dynamic Access Policy (DAP) (Part 2)
SSLVPN AnyConnect Secure Mobility Basic
SSLVPN AnyConnect Secure Mobility Start Before Logon
SSLVPN AnyConnect Secure Mobility Miscellaneous Features (Part 1)
SSLVPN AnyConnect Secure Mobility Miscellaneous Features (Part 2)
SSLVPN AnyConnect Secure Mobility OnConnect Script
SSLVPN AnyConnect Secure Mobility SCEP Proxy (Part 1)
SSLVPN AnyConnect Secure Mobility SCEP Proxy (Part 2)
SSLVPN AnyConnect Secure Mobility Always-On VPN
SSLVPN AnyConnect Mobile and On-Demand VPN (Part 1)
SSLVPN AnyConnect Mobile and On-Demand VPN (Part 2)
SSLVPN AnyConnect Secure Mobility with IPSec IKEv2
SSLVPN AnyConnect Portal and Client Customization (Part 1)
SSLVPN AnyConnect Portal and Client Customization (Part 2)

FirePOWER and FTD
ASA FirePower Service Installation
ASA FirePower FireSight System Installation
ASA FirePower FireSight Basic Configuration (Part 1)
ASA FirePower FireSight Basic Configuration (Part 2)
ASA FirePower Device Management and License Install
ASA FirePower Software Update
ASA FirePower Introduction to FireSight Web Interface (Part 1)
ASA FirePower Introduction to FireSight Web Interface (Part 2)
ASA FirePower Network Discovery (Host and Application) (Part 1)
ASA FirePower Network Discovery (Host and Application) (Part 2)
ASA FirePower Network Discovery (Host and Application) (Part 3)
ASA FirePower Network Discovery (User with AD User Agent) (Part 1)
ASA FirePower Network Discovery (User with AD User Agent) (Part 2)
ASA FirePower Object and Access Control (Part 1)
ASA FirePower Object and Access Control (Part 2)
ASA FirePower Security Intelligence (Part 1)
ASA FirePower Security Intelligence (Part 2)
ASA FirePower Application Filtering (Part 1)
ASA FirePower Application Filtering (Part 2)
ASA FirePower Custom Application Detector (Part 1)
ASA FirePower Custom Application Detector (Part 2)
ASA FirePower URL and Web Category Filtering (Part 1)
ASA FirePower URL and Web Category Filtering (Part 2)
ASA FirePower File Type Filtering (Part 1)
ASA FirePower File Type Filtering (Part 2)
ASA FirePower Malware Detection (Part 1)
ASA FirePower Malware Detection (Part 2)
ASA FirePower IPS Basic (Part 1)
ASA FirePower IPS Basic (Part 2)
ASA FirePower IPS Advance (Part 1)
ASA FirePower IPS Advance (Part 2)
ASA FirePower IPS Custom Rule
ASA FirePower Compliance Enforcement with Whitelist
ASA FirePower Event Correlation and Remediation (Part 1)
ASA FirePower Event Correlation and Remediation (Part 2)
ASA FirePower Traffic Profile
ASA FirePower External User Authentication
ASA FirePower Backup and Restore
ASA Firepower 6.0 New Features and Web Interface Update (Part 1)
ASA Firepower 6.0 New Features and Web Interface Update (Part 2)
ASA Firepower 6.0 Multiple Domain Management (Part 1)
ASA Firepower 6.0 Multiple Domain Management (Part 2)
ASA Firepower 6.0 URL and DNS Security Intelligence (Part 1)
ASA Firepower 6.0 URL and DNS Security Intelligence (Part 2)
ASA Firepower 6.0 URL and DNS Security Intelligence (Part 3)
ASA Firepower 6.0 Passive and Active Authentication (Part 1)
ASA Firepower 6.0 Passive and Active Authentication (Part 2)
ASA Firepower 6.0 Passive and Active Authentication (Part 3)
ASA Firepower 6.0 SSL Decryption (Part 1)
ASA Firepower 6.0 SSL Decryption (Part 2)
ASA Firepower 6.0 Certificate-Based Access Control (Part 1)
ASA Firepower 6.0 Certificate-Based Access Control (Part 2)
FTD 6.1 ASA Device Installation (Part 1)
FTD 6.1 ASA Device Installation (Part 2)
FTD 6.1 Firepower Device Manager - Introduction (Part 1)
FTD 6.1 Firepower Device Manager - Introduction (Part 2)
FTD 6.1 Firepower Device Manager - Configuration (Part 1)
FTD 6.1 Firepower Device Manager - Configuration (Part 2)
FTD 6.1 Firepower Device Manager - Configuration (Part 3)
FTD 6.1 Firepower Device Manager - Configuration (Part 4)
FTD 6.1 NGFWv and NGIPSv Device Installation (Part 1)
FTD 6.1 NGFWv and NGIPSv Device Installation (Part 2)
FTD 6.1 Device Registration and Smart Licensing (Part 1)
FTD 6.1 Device Registration and Smart Licensing (Part 2)
FTD 6.1 FMC Web Interface and New Features (Part 1)
FTD 6.1 FMC Web Interface and New Features (Part 2)
FTD 6.1 NGIPSv IDS and IPS Modes (Part 1)
FTD 6.1 NGIPSv IDS and IPS Modes (Part 2)
FTD 6.1 NGIPSv IDS and IPS Modes (Part 3)
FTD 6.1 Firewall Mode and Interface Type (Part 1)
FTD 6.1 Firewall Mode and Interface Type (Part 2)
FTD 6.1 Firewall Mode and Interface Type (Part 3)
FTD 6.1 Basic Configuration (Part 1)
FTD 6.1 Basic Configuration (Part 2)
FTD 6.1 Basic Configuration (Part 3)
FTD 6.1 Routing - Static BGP (Part 1)
FTD 6.1 Routing - Static BGP (Part 2)
FTD 6.1 Routing - Static BGP (Part 3)
FTD 6.1 Routing - Static BGP (Part 4)
FTD 6.1 Routing - OSPF (Part 1)
FTD 6.1 Routing - OSPF (Part 2)
FTD 6.1 Routing - OSPF (Part 3)
FTD 6.1 IPv6 (Part 1)
FTD 6.1 IPv6 (Part 2)
FTD 6.1 IPv6 (Part 3)
FTD 6.1 IPv6 (Part 4)
FTD 6.1 Network Address Translation (NAT) (Part 1)
FTD 6.1 Network Address Translation (NAT) (Part 2)
FTD 6.1 Network Address Translation (NAT) (Part 3)
FTD 6.1 Network Address Translation (NAT) (Part 4)
FTD 6.1 Network Address Translation (NAT) (Part 5)
FTD 6.1 Prefilter Policy (Part 1)
FTD 6.1 Prefilter Policy (Part 2)
FTD 6.1 Prefilter Policy (Part 3)
FTD 6.1 Multicast and QoS (Part 1)
FTD 6.1 Multicast and QoS (Part 2)
FTD 6.1 Multicast and QoS (Part 3)
FTD 6.1 Safesearch and Youtube EDU (Part 1)
FTD 6.1 Safesearch and Youtube EDU (Part 2)
FTD 6.1 Inline SGT (Part 1)
FTD 6.1 Inline SGT (Part 2)
FTD 6.1 ISE Remediation (Part 1)
FTD 6.1 ISE Remediation (Part 2)
FTD 6.1 ISE Remediation (Part 3)
FTD 6.1 Site-to-Site VPN (Part 1)
FTD 6.1 Site-to-Site VPN (Part 2)
FTD 6.1 Site-to-Site VPN (Part 3)
FTD 6.1 High Availability (HA) (Part 1)
FTD 6.1 High Availability (HA) (Part 2)
FTD 6.1 Conversion to ASA
Posted by at No comments:
Labels: , , , ,

Sunday, September 9, 2018

My CCIE Security Journey - Post 1

Shortly after Cisco Live 2017 in Las Vegas, and a family vacation to Florida, I made the decision to renew my CCNA Security Certification. I received the certification back in January 2014 right after earning CCNP R&S. It took sometime to work through the blueprint, much of it I hadn't dealt with, ASA, SSLVPN, AnyConnect. I used INEs CCNA Security VoD to help bridge the gap.

I took a bunch of notes,  created a PowerPoint, a lab topology and a list of labs I wanted to demonstrate in the VoDs. I created a workbook and then recorded the series. It was a lot of fun and allowed me to cover content that I had always wanted to cover. Shortly after the series was finished, I was tasked my first AnyConnect project that integrated with ISE and certificates. Very complex compared to the CCNA level stuff I had covered.

I had an INE AAP and started to cover the CCNP Security SIMOS material. This really helped since it was what I had to deploy. It took a few months and I wrapped up the project. I was then tasked with a large switch upgrade, I figured being a CCIE in R&S, piece of cake! Not! The switch side was easy, it was the heavy integration of ISE for MAB and 802.1x authentication that made me hate life for a couple days. I found the INE CCNP Security SISAS ISE VoD, another score for me. 6 weeks later and a bit of scope creep, TACACS was requested over RADIUS, I was done with that project.

I figured it was time to hit the firewall and threat defense VoDs, well, an SP was a customer and so was a big bank, my focus shifted to SP stuff, L3VPN and L2VPN, BGP, DMVPN, OTV and QoS. This took the bulk of my time and Security was on the back burner. After several months these projects wrapped up and I was hot on the trail to CCIE SP, since I had a CCNP SP it made sense. Not long after that, I switched jobs to an SP, more DC than SP. Several months in and I have found myself on the frontlines with Security again.

Since it is a major focus for me and has been for a few months now, I made the decision to commit to it. This means a regimented approach had to happen. I had to be honest with myself and come up with a plan of attack to cover the material efficiently but not waste time on areas I was familiar with. DMVPN, IOS FW and parts of IPsec I can skip over for now. Focusing on areas I'm not familiar with first. ASA, GETVPN, FLEXVPN, SSLVPN, ISE, ACS, FTD, WSA, ESA and AMP. That's the majority of the blueprint right there. I've had exposure to ISE and FTD from previous jobs so I chose to leave them for later. As it sits now, ASA FW is my current focus, then VPNs, then circle back to IOS FW to round out the infrastructure stuff. Then AAA, ISE, ACS, WSA, ESA, FTD and AMP.

My goal in the next several posts is to layout a detailed expanded blueprint of what I am covering. From my research this far, there are several resources online, INE, Micronics, CiscoLive, LabMinutes and others that have produced material that covers the technologies. My goal is to work through the technologies and put together a holistic solution through RIT in the near future. This time, I won't be doing CCNP and then CCIE, I am going directly to CCIE, CCNP Security will come later. Feel free to join me in the journey, comment below and follow the blog, if your interested, follow me on social media, @rikerrob on Twitter.

Thanks for stopping by!
Rob Riker, CCIE #50693 (R&S) for now.

Posted by at 4 comments:
Labels: , ,
Subscribe to: Posts (Atom)