Securing Network Devices for CCNA Security (210-260) IINS

Protect your Cisco iOS device networks from threats. This course provides you with an understanding of network security on Cisco iOS devices, meeting exam objectives for the CCNA Security (210-260).
Course info
Rating
(13)
Level
Intermediate
Updated
May 9, 2016
Duration
3h 43m
Table of contents
Description
Course info
Rating
(13)
Level
Intermediate
Updated
May 9, 2016
Duration
3h 43m
Description

Our networks are faced with a number of threats that we must protect against. Among them are threats against the network devices themselves. This course, Securing Network Devices for CCNA Security (210-260) IINS, is one in a series of courses that meet all the objectives of the CCNA Security (210-260) IINS exam. In it, you'll learn important techniques used to mitigate these threats, including Control Plane Protection (CPPr) and Routing Protocol Authentication. In addition, you'll learn how 802.1X protects access to the network and how you can implement BYOD to onboard employees that would like to use their personal devices in the workplace. By the end of this course, you'll know how to better protect your networks and you'll be more prepared for the 210-260 IINS exam.

About the author
About the author

Brandon is a CCIE (Security, #23837), Cisco Press author, and has over 13 years experience as a Cisco Instructor.

More from the author
VPN Fundamentals for CCNP® Security
Intermediate
1h 52m
12 Feb 2018
ISE BYOD for CCNP Security (300-208) SISAS
Intermediate
2h 8m
8 Nov 2017
More courses by Brandon Carroll
Section Introduction Transcripts
Section Introduction Transcripts

Secure Management
Well hi there everyone, and welcome to the module, Secure Management. As we progress through this module we're going to look at quite a number of topics. We are going to begin this section by looking at something called a Cisco Configuration Professional. Now this is a software application, we're going to get into the details of how we can use it, but essentially it's going to give us a platform to manage our IOS devices, and to do that through a graphical interface, so it gets us off the command line and gives us sort of a graphical method of doing this. Now you might be familiar with Security Device Managers, the SDM applications, these Java-based applications. This is something similar to the SDM applications. Now in addition to looking at Configuration Professional, we're also going to take a look at how to work with the IOS file system, how to manage our files, how to manage our digitally signed images that we get from Cisco. We're going to take a look at IOS resiliency and see how we can make sure that we have a secure platform, a secure device that's running Cisco IOS, and that it is resilient. We're going to take a look at secure management and reporting briefly in this module. We're also going to look at memory and CPU and how we handle our memory and our CPU. And then finally we're going to look at Netflow, SNMPv3, Management ACLs, and more, so we've got quite a long list of topics to discuss in this section. So that's our introduction to this module, and let's go ahead and move into the next section here which is Cisco Configuration Professional.

Security on Cisco Routers
Well hi there everyone, and welcome to Security on Cisco Routers. So let's talk about what we're going to see in this module. As we begin, we're going to talk about something called Control Plane Policing, or CoPP as it's abbreviated. We'll discuss why we need it and a little bit about how it's configured. We're going to also discuss Control Plane Protection, which enhances the granularity of Control Plane Policing. It gives us a little bit more control over exactly what we are protecting in terms of the control plane, and we're going to see that as we work through this module. We are also going to discuss how authenticating routing protocols is important, and we're going to jump into the lab and we're going to configure OSPF and EIGRP for secure routing. So that's what we have ahead of us, let's begin this section by talking about Control Plane Policing, what it is, what it's designed for, and how it's configured.

Course Summary
Well, hello there everyone, and welcome to our course summary. You know, we've made it this far, and I have to tell you that it's been extremely enjoyable for me to be able to spend this time with you and discuss these topics in terms of securing our network devices. As you've progressed through this course, recall we talked about a number of topics specific to our network devices like Management Plane Protection. We talked about AAA concepts and Secure Management. We stressed the importance, as we moved through this course, on the security of the infrastructure itself. And recall, if we don't secure that infrastructure then we have no network, so we really stressed the importance of that. We talked about the control plane, we talked about 802. 1X, and we talked about BYOD. We got into some of the details on our AAA concepts, and specifically we saw four ways that we could implement AAA. Now remember, AAA stands for authentication, authorization, and accounting, and so we talked about how those processes work. We said that we could use a self-contained method of implementing AAA, and if we did that self-contained method, then that would mean that we would have a database on our router or our switch, and we could use that database to authenticate our users, but we also saw how we could use Cisco Secure ACS for Windows or an ACS appliance, or that new product that we've been talking so much about in a number of courses, Cisco ISE, or Identity Service Engine.