Automating Cisco Security Management Solutions Using APIs
A comprehensive security architecture should include network, endpoint, and application security/visibility techniques. This course will teach you how to deploy Cisco ISE, Stealthwatch, and SMA to reinforce your cyber defenses.
What you'll learn
Even after you've secured your networks and endpoints, a key question remains: What about the applications used by the business? How can we observe them and how can we control network access to them?
In this course, Automating Cisco Security Management Solutions Using APIs, you'll explore Cisco Identity Services Engine (ISE) which provides wired and wireless network access control using the pxGrid and REST APIs.
Next, you'll discover how to improve application visibility using the Netflow-based Cisco Stealthwatch family of products, helping you identify anomalies for analysis both in enterprise and cloud networks.
Finally, you'll learn how to provide application-level security for common enterprise services such as web and email using Cisco Security Management Appliance (SMA) with the Email Security Appliance (ESA) and Web Security Appliance (WSA).
When you're finished with this course, you'll have the skills and knowledge necessary to automate a variety of Cisco security management solutions in your production network.
Table of contents
- Course Introduction, Prerequisites, and Business Scenario 2m
- Introducing Cisco Identity Services Engine (ISE) 5m
- Demo: Developer Resources to Help You 5m
- Demo: Managing Network Devices with ISE External RESTful Services (ERS) 5m
- Demo: Building a Basic pxGrid SDK 7m
- Demo: Collecting RADIUS Failures via pxGrid HTTP API 7m
- Demo: Improvising a STOMP Library for Python 4m
- Demo: Collecting Security Telemetry via pxGrid Websockets 6m
- Module Summary and Homework Challenge 1m
- Understanding the Various Stealthwatch Products 5m
- Demo: Developer Resources to Help You 3m
- Demo: Building a Generic Stealthwatch SDK Framework 6m
- Demo: Collecting Traffic Flows from Stealthwatch Enterprise 5m
- Demo: Detecting Suspicious Traffic Using Stealthwatch Enterprise 6m
- Demo: Collecting Traffic Flows from Stealthwatch Cloud 5m
- Demo: Creating and Viewing Stealthwatch Cloud Alerts 4m
- Module Summary and Homework Challenge 1m
- Leveraging SMA to Secure Email (ESA) and Web (WSA) Traffic 3m
- Demo: Developer Resources to Help You 3m
- Demo: Building a General-purpose SMA SDK in Python 3m
- Demo: Generating an Email Security Report via SMA API 2m
- Demo: Generating a Web Security Report via SMA API 3m
- Module Summary and Homework Challenge 1m
Course FAQ
Even after you've secured your networks and endpoints, you will need to protect business-critical applications like web and email, along with introducing anomaly detection.
Cisco SAUTO (300-735) for CCNP Security and Cisco Certified DevNet Professional Path learners will greatly benefit from this course.
This course will cover three broad Cisco product categories: Identity Services Engine (ISE) to centrally control network access, Stealthwatch which is a collection of products that passively monitors network flows, and the SMA (Security Management Appliance) used to manage web and email-specific security solutions.
This course assumes you already have a strong background in Python programming in both enterprise and security environments.
About the author
Nicholas (Nick) Russo, CCDE #20160041 and CCIE #42518, is an internationally recognized expert in IP/MPLS networking and design. To grow his skillset, Nick has been focused advancing Network DevOps via automation for his clients. Recently, Nick has been sharing his knowledge through online video training and speaking at industry conferences. Nick also holds a Bachelor's of Science in Computer Science from the Rochester Institute of Technology (RIT). Nick lives in Maryland, USA with his wife, Car... more
