Time
11 hours
Difficulty
Intermediate
CEU/CPE
15

Video Transcription

00:00
Hello. Welcome back,
00:01
Cisco Survive Design Associate Module 13 lives and 13.4 I mean instructor Wayne.
00:09
In the previous video, we talked about detecting and medicating frights. From this video, we will begin to introduce a security management applications on the integrating security into never devices.
00:22
Here's the pre assessment question, which is secured and management solution integrates the configuration of management of firewalls of GPS rodders, switch modules and I ps devices
00:34
a CSM be Cisco Eyes C A S T e m P A. C s would go away The CSM
00:42
Siskel Security manager CSM as an integrated solution for configuration management of a firewall, Beaky and Rocker switch module and GPS devices.
00:54
Here's the topic of all. Discuss
00:57
security platform solutions. Cisco has a variety of the security management products on the technologies that can allow scaleable administration and the first man of a security policy for the system s to CF architecture. This solutions reduce the operational management
01:15
and automated many over the common tasks,
01:18
including configuration announces incidence response on the reporting security management of platforms including the following Cisco Security Manager CSM is an integrated solution for a coolie configuration management off a firewall
01:34
VPN on I ke s policies on Cisco security appliances, firewalls, rodders and assuage modules.
01:42
CSM has capabilities for security policies to be deployed by device by group or probably for all devices.
01:51
Cisco Secure Access Control Server A CS provides a centralized control for administrative access to Cisco Devices on a security applications
02:01
A C S provides for tipo. A security service sees on supports rodders sweeties VPN Service sees on the essays Inundation. Cisco UCS also supports back and a directory
02:14
integration with the Latin Way directly. Access Protocal I'll dap on a Microsoft active directory. 80 for alternate cation serv CES.
02:23
Cisco Identity Service's Engine Ice Supplies is a security policy manager in platform that all demands access control by enforcing compliance increasing that were security on the improving operations. Cisco Ice provides activating identification of the users and the devices on the network,
02:42
including E the provisioning Off all devices
02:45
ice collected, reach contactable data about it. A connected the user's devices and can provide a policy enforcement security compliance before the devices even have authorized access. The network
02:59
since the administration jumped host provides a centralized the host that used the stage configuration software images on implement and never changes
03:09
network time. Particle on T P Server
03:13
provides a time synchronization to NTP clients such as rodders and assuages time synchronization as a crew show in the announces of even correlations
03:24
configuration of the software archive Host serves as ah depository to back up the device configurations on the software. In majors
03:35
integrating security into network devices, it is crucial to integrate security into all network devices throughout your network. Common devices types include II's rodders and assuages, adaptive security appliances, essays, intrusion prevention systems, ikey asses
03:53
Callous. The 6500 Serves modules
03:57
and a Point Security.
04:00
Cisco has developed the Manning security features that are integrated into the I Y space, the software or security specific of future sites. Here are some of the major areas of the security focus that have being included in where the Cisco IOS releases
04:17
Cisco I. Wise Firewall is that security specific option that provides a staple file functionality for prime dry OS rodders. Since Goais Firewall provides effective control off application traffic flowing through the network,
04:31
keep benefits of Iowa's firewall include the protection ever X From that work and application. We are tax
04:39
improving up time on offering policy and first man for internal and external connections.
04:46
Cisco I OS I Ke s offers in line deep packet inspection to successfully diminish a wider range of a network attacks. IOS aqui es can identify classify and a block militias trafficking in real time. I owe as I PS operates by loading the tax signatures
05:03
on the broader and then matching the attacks
05:06
based on signatures. Cisco also provides a pre built A signature. Defined the files as DF that content high fidelity signatures that are based on the memory available on the broader says Go as I p psyching crepes of data. Today, I keep packing the level
05:25
using a set of standards based. The protocols,
05:28
he said, provides data authentication and a replay on data and the data confidential be on a CZ, the preferred method of securing GPS. Cisco hours trust the identity as a sort of a core technologies and enables never. Traffic of security
05:45
technologies included the following Triple A framework and a Magnus ums for controlling device access
05:50
Secure show sssh used for encrypted access between applications. Onda rodders, Secure socket early or SSL, secure Web application access p k i Public key infrastructure Strong authentication for e commerce applications
06:06
This table is forever the system. Iowa has integrated the security features
06:13
since the security of appliances.
06:15
Cisco Security appliances provide a robust The security service is in the protection for five Warning VPN service is content defenses intrusion prevention services on network access control The following is an overview of a Cisco security appliances adaptive the security appliances s A
06:34
The is a high performance Madi functions like security appliance
06:40
that offers a comprehensive instead of a service is for security and that would be a moments The service's are customized the through product additions tailored for firewall PS on Travers on a V P. M A s A is a critical competent over this is go safe architecture
06:58
that provides proactive arthritis medication
07:00
controls. Application data flows on the deliverers of flexible VPN and I PS service is in addition. Essay is a very cost effective and easy to manage on offers advance the integration modules that enhances the processing capabilities.
07:15
Yes, they also has a supportive for Private Harper I PS module capabilities.
07:20
The essays are Buchanans. This is Cally Essays provided businesses with I p sac on the S S L V P M. Connectivity. The essays are flexible and offer many deployment of scenarios, although they are commonly used to determine a VPN sessions for remote access connections.
07:38
Yes, a CZ can also be used to terminated scientist Ikonos
07:42
with other essays, rodders or even done. Cisco Finals. Those centralized architecture in a Web based the Management i East. They had a street of a burden on a Consolidated the VT and connectivity for the Enterprise. Cisco Identity Service Angie Nice Siskel Eyes is a security policy managing a platform
08:00
that all mates access control by you. Forcing compliance increasing never security
08:05
on improving operations, says Guys provides actually the identification of users and devices on the network, including easy provisioning off all devices. ICE collects reach. Contact your data about it, connected the users and devices, and it can provide a policy enforcement. Security complies
08:26
before in devices even authorized to access the network.
08:31
The college the 6500 switching platform supports additional security service is on the functionality through the use of the service module's several service module options. Extended the capabilities of a security related the stripes he's with the Cisco carries the 6500 just platform
08:48
many environments now combined. Many off these serves modules together to form what is now referred to as service's switches. Carrots. The 6500 security related serves Margo's include the following
09:01
Yes, a service. Marjorie is a high speed of final Ma joke or using the Cisco Calista, the 6500 Cisco 76 handers. Here's a routing platforms.
09:11
After four a s, A service modules can be installed in a single chance. He's providing 20 GPS of A through poot performance for module for service provider in the large enterprise environment, The essay service Margo supports advance the features,
09:26
such as multiple security contacts for both Rot eight and transparent and firewall molds
09:31
running multiple contacts on the same firewall. Hardware is a technique used to virtual eyes. The essay into multiple firewalls, situated stone configuration and the firewall policy I p. Sac VPN s P a.
09:46
Enables cost effective. Inescapable We can service is using this. Cisco caress the 6500 serious wages Francisco 7600 series of routing platforms.
09:56
The model does not have any interfaces, but instead he uses the other land. Why interfaces that are available on the CASS is using the SP a carrier for 100 each slot of the Cisco Countess, the 6500 for Cisco 7600 Roger can support up to two Siskel AKI second e p a s p A s
10:18
Webby can serves module is a high speed integrated SSL VPN service is Margo for support Largest field remote access of a peon deployments. The Web VPN service is module supports up to 32,000 SS A VPN users on up to four modules can be used in a single chances
10:37
network. And now this is Marjorie
10:39
provides a packet of capture capabilities and a visibility into all the layers off the never data flows, including overlay technologies such as Captain Ahab and the VX land. You can analyze application traffic between the hosts and that works at the servers.
10:56
The name's supports out 4 to 7 visibility using Cisco networking based
11:01
application recognition to UN part two
11:05
Learning Jack Question number one. Well, you're integrating security into the never device which over the foreign can be used to select all that. Apply a arm. Rome B A S a. C. Cisco. I Zaki asked. Thesis lock. We'll go with B and C
11:22
as we know Cisco as I PS on S A can be used to integrate a security into the network.
11:30
Question number two in which to Moe's Can you deploy Cisco RPS appliances? Choose 2 a.m. i b Permission ER's CVP BTP Group. The threat of mitigation e threat detection would go into A and B
11:46
Internet's brief lecture with disgust, security management applications and integrating security into a network devices.
11:54
Any questions? Please feel free to contact me. Otherwise I will see you in the next video Bye for now.

Up Next

CCDA (Cisco Certified Design Associate)

In this CCDA training you will learn the knowledge and skills involved in attaining your Cisco Certified Design Associate (CCDA) certification.

Instructed By

Instructor Profile Image
Wayne Xing
Network Solutions Architect
Instructor