 |
| We are here to help... |
 |
| With easy ways to get the answers you need: |
 |
Or call us at:
1-888-742-3214 |
| |
 |
CISCO |
| |
|
| |
|
| Course Name: |
Mitigating DDoS Using Cisco Guard and Traffic Anomaly Detector v2.0 (DDOS) Training |
| |
|
| Deployment Options: |
Onsite - Instructor-Led Training |
| |
|
| Course Duration: |
2 days depending on audience background and options |
|
|
| |
|
| Related Courses |
| |
 |
| |
|
|
|
| Introduction: |
| |
This course covers the implementation, configuration, and management of the Cisco Guard and Cisco Traffic Anomaly Detector. These devices, when properly deployed in enterprise or service provider networks, offer protection from distributed denial of service (DDoS) attacks. Examine the present day issues associated with the ever more challenging landscape of network security and the role Cisco Guard and Detector play in the Cisco SAFE architecture.
The course includes several hands-on lab exercises covering interface configuration for out-of-band (OOB) management via the command line interface (CLI) or GUI, zone configuration, zone traffic policy creation and threshold tuning, automatic zone traffic diversion and injection, and reporting features of the Cisco Guard and Traffic Anomaly Detector. |
| |
| Audience: |
| |
- Employee
- Channel Partner/Reseller
- Customer
|
| |
| Prerequisites: |
| |
- ICND1
- Basic understanding of the BGP routing protocol
- Foundation-level knowledge of Cisco security devices and principals
- ICND1 - Interconnecting Cisco Network Devices 1
|
| |
| Customize it: |
| |
| This 2-days Cisco DDOS course will be customized to your needs and specifications. Eno.com will assist you in identifying those needs and specifications. A word to the wise, there are many vendors of IT security training. They will typically have a broad and general course, one size fits all, already developed and just put your organization?s name on the title slide. This minimizes their effort and time investment. At Eno.com, every course is made to your exact and exacting specifications. We help you ensure what you are getting is what you really eed even if at the beginning you weren't too sure of what that was. We fit the class to your needs. We never fit you into our standard, one size fits all, class. Please call or e-mail to schedule a no-obligation conference call to help us understand your audience background and training objectives. |
| |
| Objectives: |
| |
|
What You'll Learn
- How the Cisco DDoS defense solution protects network devices from suspect traffic generated during a DDoS attack
- Concepts of Anti-Spoofing, Per-Source, and Per-Destination dynamic filters used by the Multi Verification Process (MVP) architecture
- Issues faced today as a result of DDoS attacks and the deficiencies in other security solutions to deal with DDoS attacks effectively
- Functions of the Cisco Guard and Cisco Traffic Anomaly Detector, including zone policy construction and threshold tuning, zone protection, and the Guard protection cycle
- Configure the Guard and Detector for automatic traffic diversion using BGP when an attack is recognized
- Various methods for traffic injection and when each is most appropriate
- Configure protection zones in the Guard and Detector using various templates, policies, and filters based on customer environments
- Configure and monitor the Guard and Detector using both the CLI as well as the GUI
- Management challenges to large-scale deployments and how they are effectively handled with Cisco DDoS Multi-Device Management System
- Cisco Guard and Traffic Anomaly Detector appliances vs. the Cisco Guard and Traffic Anomaly Detector Modules for the Cisco Catalyst 6500 and Cisco 7600 Router families
|
| |
| Course Outline |
| |
1. Course Introduction
•Welcome/Introductions
•Overview
•Student Prerequisites
•Course Flow/Schedule
•Goals
•Description of Resources
2. Mitigation of DDoS attacks
•Overview/Objectives
•Definition of DDoS Attacks
•Issues with Mitigation of DDoS Attacks
•Justification for Need of Guard and Detector
•Designing a DDoS Protection System
•Introduction to Guard
•Introduction to Detector
•Summary
3. Getting Started with Cisco Guard and Traffic Detector
•Overview/Objectives
•Connectivity to Guard and Detector
•Introduction to and Description of Common Commands used with the Guard and Detector
•User Accounts used in Guard and Detector
•Additional Service Available
•Summary
4. Zone Configuration
•Overview/Objectives
•Definition of Zone
•Zone Templates
•Zone Creation and Configuration
•Protection Methods for Zones
•Best Practices for Zones
•Various Zone Examples
•Traffic Thresholds for a Zone
•Summary
5. Diverting Traffic
•Overview/Objectives
•Definition of Traffic Diversion
•What Types of Traffic Diversion are Supported
•Routing Capabilities of the Guard
•Configuring Diversion
•Summary
6. Injecting Traffic
•Overview/Objectives
•Configuring Various Traffic Injection Methods
•Layer 2 Injection
•VPN Routing and Forwarding Injection
•PBR Injection
•GRE Tunnel Injection
•Summary
7. Mitigation at Work
•Overview/Objectives
•MVP Architecture
•Anti-Spoofing Mechanism
•Dynamic Filters
•Zone Filter Configuration
•Policies at Work in Mitigation
•Summary
8. Understanding the Cisco Guard and Traffic Anomaly Detector Reports
•Overview/Objectives
•Understanding Various Reporting Capabilities
•Reporting Commands for the Guard and Detector
•Interpreting Guard and Detector Reports
•Summary
9. Cisco DDoS Multi-Device Management System
•Overview/Objectives
•Functionality
•Configuration
•Deployment
•Summary
10. Cisco Guard and Detector Blades for Catalyst 6500 and Cisco 7600 Router Families
•Overview/Objectives
•Similarities Between the Appliances and Blades
•Differences Between the Appliances and Blades
•Case Studies Which Highlight When To Use Appliances vs. Blades
•Summary |
| |
| Other Expertise: |
| |
|
|
|
| |
|
For organizational purchases, please send us a message at  salesinfo@eno.com
or complete and submit this form . |
| |
| |
| |
|
 |
Request A Quote
Convert your currency
RSS Feed
Facebook
LinkIn
Twitter
You Tube
