Detailed Course Outline
Module 1: Cloud Monitoring and Security Design Concepts
- Understanding the cloud
- Visibility Challenges in the cloud
- Cloud Architecture Fundamentals
- Cloud Security Architectures
- Integration with the Enterprise
- Multilayer Protection
Module 2: Introducing AWS
- Architecting an Amazon VPC
- High availability and Amazon VPC
- Applying concepts: building a multi-region network
- AWS Permissions and Policies
- AWS Security Credentials
- Creating a Security Group
- Network Requirements
- Subnets for VPC
- Elastic Network Interfaces (ENIs) for Instances
- Deploying the Visibility Platform for AWS
- Deploying a Solution for the Hybrid Cloud
- Deploying a Solution for Multi-VPC Deployments
Module 3: Introducing Cisco FirePOWER
- Cisco FirePOWER Introduction
- NGIPS, ASA, NGIPSv
- Deployment Options
- Management Center
- IPS and DLP Sensors
- Licensing
- Deployment Scenarios
- Adding a virtual device
- Traffic detection with virtual devices
- Virtual FirePOWER Management Center
- Cisco FirePOWER Operation and Configuration
- Cisco FirePOWER Sensor Policies
Module 4: Gigamon Secure Delivery Platform
- Introduction to Visibility
- Architecture and Components
- Introduction FlowMapping
- GigaVUE Hardware Overview
- Deployment of Out-of-Band (Physical Tools)
- GigaSMART Overview
- GigaVUE-FM Overview
- Gigamon Visibility Platform for AWS
- Supported Architectures
- Deployment of Virtual Tools
- GigaVUE V-Series node Overview
Module 5: Gigamon Deployment Architectures
- Public Cloud Design AWS
- Basic Deployment Designs: PoC
- Scalable Deployment Designs: Hybrid, vs. Born in Cloud
- Deploying a Solution for Multi-VPC Deployments
- AWS Deployment Requirements:
- Network and Security Group Requirements
- TCP Port Requirements
- GRE Protocol Requirements
- Subnet Requirements for VPC s
- Addressing specifics for Gigamon Solution
- Elastic Network Interfaces (ENI) specifics for Gigamon Solution
- Network Routing Requirements
- Deploying Direct Connect versus VPN Connectivity
Module 6: Cisco FirePOWER with AWS and Gigamon Deployment
- Solution Overview
- Use Cases
- Architectural Overview
- Components and Version Compatibility
- Network architecture
- Launching the Components in AWS
- Installing the G-vTAP Agents
- Launching the GigaVUE-FM API
- Deploying GigaVue-V-Series Nodes
- GigaVUE V-Series node Configuration
- Installation Best Practices
- Launching the Visibility Platform Components in AWS
- Configuring Monitoring Sessions in AWS
- Configuring the AWS Settings
- Cisco FirePOWER Configuration
- GigaVUE-HC2 Configuration
- Testing and Verification
Labs
- Designing a cloud monitoring architecture with Gigamon solutions
- Designing a monitoring and security architecture for an AWS solution
- Designing a cloud security architecture with Cisco FirePOWER virtual appliances
- Configuration for an AWS deployment solution
- Cisco FirePOWER configuration for a joint inline deployment solution
- Gigamon configuration for a joint inline deployment solution
- Testing and verification of a joint inline deployment solution using Cisco FirePOWER, AWS and Gigamon