Implementing Cisco Network Security v3.0

This course focuses on the design, implementation and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies. All IOS examples and hands on experience is done using the IOS CLI.

Who's it for?

This course is aimed at network engineers and administrators who want an entry level understanding of security on a Cisco network or as prepartion for the Cisco Certified Network Associate for Security Certification.   

Key objectives

After attending this course a delegate should be able to:

  • explain the current threat landscape
  • secure the management and control planes of network devices
  • describe threat defence technologies
  • secure the management and control planes of network devices
  • configure AAA on Cisco IOS devices
  • implement secure management for the Cisco ASA and Cisco IOS routers and switches
  • secure the control plane
  • secure the management and control planes of network devices
  • implement Layer 2 infrastructure security
  • implement Layer 2 protocol security
  • configure management access and NAT on the Cisco ASA
  • configure access control and service policies on the Cisco ASA
  • describe IPsec
  • implement a client-based remote access VPN
  • implement a clientless remote access VPN
  • describe IDS and IPS
  • explain endpoint protection
  • describe content security
  • describe advanced network security architectures.


Prior to attending this course delegates should have attended Interconnecting Cisco Network Devices - part 1.

What's covered?

Security concepts

  • Threatscape
  • Threat defence technologies
  • Security policy and basic security architectures
  • Cryptographic technologies

Secure network devices

  • Implementing AAA
  • Management protocols and systems
  • Securing the control plane

Layer 2 security

  • Securing Layer 2 infrastructure
  • Securing Layer 2 protocols


  • Firewall technologies
  • Introducing the Cisco ASA v9.2
  • Cisco ASA access control and service policies
  • Cisco IOS Zone Based Firewall


  • IPsec technologies
  • Site-to-site VPN
  • Client based remote access VPN
  • Clientless remote access VPN

Advanced topics

  • Intrusion detection and protection
  • Endpoint protection
  • Content security
  • Advanced network security architectures


  • Challenge Lab 1: Configure AAA and secure remote administration
  • Challenge Lab 2: Configure secure network management protocols
  • Challenge Lab 3: Configure secure EIGRP routing
  • Challenge Lab 4: Configure secure Layer 2 infrastructure
  • Challenge Lab 5: Configure DHCP snooping and STP protection
  • Challenge Lab 6: Configure interfaces and NAT on the Cisco ASA
  • Challenge Lab 7: Configure network access control with the Cisco ASA
  • Challenge Lab 8: Configure site-to-site VPN on IOS
  • Challenge Lab 9: Configure AnyConnect remote access VPN on ASA
  • Challenge Lab 10: Configure clientless SSL VPN on the ASA


This course will prepare delegates for the examination, 210-260 - IINS: Implementing Cisco Network Security. 

Delegates wishing to obtain the CCNA Security Certification will also need to have passed the ICND1 or the CCNA Routing and Switching composite exam.

Next step

To obtain course venues/dates and pricing please email your account manager, submit the enquiry form below or call us on 0845 647 0000*

Enquire now . . .