Securing Cisco LAN Switches - Computer Based Training
Securing Cisco LAN Switches (SECL) v1.0 teaches the top ten steps for enhancing the security of your Cisco LAN switches.
Based on Cisco and industry best practices and the newest in Cisco switch security features, SECL contains tutorials, animations, and configuration examples that teach you how to configure Cisco switches to ensure maximum device security. Practice what you learn in a safe training environment through e-lab simulations of the Cisco IOS software command-line interface. Finally, test your knowledge using the built-in assessment quizzes.
Are you certain that you have completed the "top ten" security steps on every Cisco switch under your control? Complete the SECL course and learn how!
Course Description
The SECL course is designed primarily for system administrators or students who want to further develop their switch security expertise. The course has been developed to help raise awareness of the need to ensure that Cisco switches used in critical infrastructure networks are configured securely based on industry best practices and Cisco IOS software features.
Course Objectives
Upon completion of this course you will be able to perform the following tasks:
- Configure encryption protocols and applications to securely manage local or remote switches.
- Configure authentication, authorization, and accounting services to improve identity control.
- Identify methods to improve switch security.
- Understand the importance of performance management, maintenance, and security validation of all switches.
- Identify additional switch security enhancements contained in the Cisco IOS software.
Recommended Top 10 Steps
The following list summarizes the top 10 steps to securing a Cisco LAN switch covered in the course:
- Secure the device
- Secure management access
- Secure management applications
- Implement VLAN security
- Secure user access
- Use port security
- Secure STP operations
- Mitigate DHCP starvation attacks
- Mitigate MAC spoofing and IP spoofing attacks
- Mitigate DHCP spoofing attacks
Course Outline
Module 1: Introduction to (SECL)
Module 2: Foundation Elements for Secure Switched Networks
Module 3: Basic Security for Switch Management Access
Module 4: Securing Switch Management Access
Module 5: Authentication, Authorization, and Accounting
Module 6: Securing Switch User Traffic
Module 7: Securing VLANs
Module 8: Spanning Tree Protection
Module 9: Cisco Catalyst Integrated Security (CIS)
Module 10: Cisco Smartports Technology™ Configuration Macros
Module 11: Next Steps
Audience
The SECL course can benefit government, academia, and critical infrastructure sectors, yet any enterprise deploying Cisco switches can take advantage of the syllabus. The target audience for this course is as follows:
- Entry to mid-level system administrators working in government, academia, and critical infrastructure sectors sector who administer networks that include Cisco routers and switches.
- IT managers and Chief Information Officers responsible for running government and critical infrastructure networks.
- Professors in academia who need to teach critical infrastructure security.
For More Information
This training was developed by the Critical Infrastructure Assurance Group (CIAG) at Cisco Systems Inc. to help raise awareness of the need to ensure that Cisco equipment used in critical infrastructure networks are configured securely based on industry best practices and Cisco IOS software features.
If you would like more information about the SECL 1.0 course, such as obtaining bulk quantities of the CD-ROM, please contact the Training Manager at ciag-training@cisco.com.
