Data Center Security with Virtual Reality (DCSVR) is an instructor-led course. Security is every enterprise’s top priority and keeping Data Center secure will protect business values. This course uses Cisco Validated Designs (CVD) to build a foundational understanding of the potential security threats impacting todays advanced Data Centers. The goal of this course is to help the student understand the types of attacks, the types of targets and the tools available to protect the DC. The learner will get virtual hands on experience with racking and connecting security appliances in a virtual environment. We will also discuss newer security solutions such as Application Centric Infrastructure (ACI), Stealth watch and Tetration to understand how logical separation, data mining and anomaly detection can help us protect the infrastructure.

Upon completing this course, the learner will be able to meet these overall objectives:

• Explain the common vulnerabilities in the Data Center
• Understand Data Center Cisco Validated Designs
• Identify the common attack vectors in the Data Center
• Identify malicious activities
• Identify patterns of suspicious behaviors across the Data Center
• Secure device management in the Data Center
• Explain Zero Trust Networking
• Describe Firewall Features for the Data Center
• Explain the advantages of AMP protection
• Secure the Network with Umbrella
• Understand the reports and information available from Stealthwatch
• Describe how to use Cisco Tetration Analytics for workload protection in order to provide a secure infrastructure for business-critical applications and data

Lesson 1: DC Security Threats

• Describe security threats and potential impacts on the network
• Understand the security challenges faced by the DC staff on a daily basis
• Explain why Cisco Validated Designs lead to a more secure infrastructure
• Describe security threats in the storage network
• Explain Zero Trust Networking

Lesson 2: Protecting the Management Network

• Discuss options for in band and out of band management
• Describe role-based access control
• Explain the role of TACACS and Identity Services Engine (ISE) for device administration control

Lesson 3: Firewalling the Data Center

• Positioning the Firewall Within Data Center Networks
• Cisco Firepower Portfolio
• Describe advanced policy configuration and Firepower system configuration options
• Configure policies to find and stop Ransomware
• Configure Correlation events, white rules, traffic profiles, and create respective events and remediate them
• Understand network and host based AMP on a server
• Configure and analyze host based AMP on a server
• Firewall Virtualization
• Design for Threat Mitigation
• Threat Mitigation Integration with other Cisco products

Lesson 4: Umbrella Integration

• Umbrella and Available Features Overview
• Destination Lists
• Content Categories
• Application Settings
• Tenant Controls
• Security Settings
• Integrations
• Selective Decryption Lists
• DNS Policies
• Firewall Policies
• Virtual Appliance
• Core Reports
• Management Reports
• Integrating Umbrella within Cisco SecureX

Lesson 5: Stealthwatch in the Data Center

• Explain what Cisco Stealthwatch is and how it works.
• Describe the goals of using Cisco Stealthwatch in the proactive and operational modes.
• Define basic concepts of investigation and detection of potential security issues using the Cisco Stealthwatch System.
• Complete workflows to identify indicators of compromise in your network.
• Describe alarm types and alarm notification within Cisco Stealthwatch.
• Explain the utility of maps in the Cisco Stealthwatch System.
• Describe how the Cisco Stealthwatch System contributes to successful incident handling

Lesson 6: Utilizing Tetration in the Data Center

• Enable pervasive visibility of traffic across datacenter infrastructure
• Uses long term data retention for forensics and analysis
• Create communication and dependencies for all applications within the datacenter
• Empower the company to utilize a whitelist policy model
• Identify behavior deviation in real time
• Perform forensics operations

The primary audience for this course is as follows:

• Systems Administrators and Engineers
• Technical Solutions Architects
• Systems Integrators
• Channel Partners
• Value-Added Resellers

The knowledge and skills that the learner should have before attending this course are as follows:

• Basic knowledge of Cisco Security
• Basic knowledge of Cisco Data Center Architecture
• Basic knowledge of servers, storage, and security appliances