Visão Geral

Esta formação destina-se a engenheiros e pessoal técnico envolvido na implantação, implementação, operação e optimização da solução Cisco SD-WAN (Viptela), tanto em ambientes empresariais como de Prestadores de Serviços. Esta formação é especialmente concebida para clientes/parceiros que implementam Cisco SD-WAN em integração com o conjunto completo de funcionalidades da Cisco Umbrella, incluindo Segurança DNS, Firewall Baseada na Nuvem e Secure Internet Gateway. O curso acompanha-o através da forma como cada integração funciona e como concebê-la e implementá-la passo a passo.

Pre-Requisitos

• Conhecimentos básicos de informática.
  

Informações Gerais

Carga Horária: 24h

• Se noturno este curso é ministrado de Segunda-feira à sexta-feira, das 19h às 23h
• Se aos sábados este curso é ministrado das 9h às 18h
• Se in-company por favor fazer contato para mais detalhes.

Formato de entrega: 

• 100% on-line ao vivo, via Microsoft Teams na presença de um instrutor/consultor ativo no mercado.
• Nota: não é curso gravado. 

Lab:

• Laboratório + Exercícios práticos

Materiais

Conteúdo Programatico

Cisco SD-WAN Introduction

1. High-level Cisco SD-WAN Deployment models
2. Application level SD-WAN solution
3. Cisco SDWAN plan for HA and Scalability
4. Cisco SD-WAN solution components: vManage NMS, vSmart Controller, vBond Orchestrato
5. Edge Routers (cEdge & vEdge)
6. Cloud Based Deployment vs On-Premises Deployment

Zero Touch Provisioning

1. Overview
2. User Input Required for the ZTP Automatic Authentication Process
3. Authentication between the vBond Orchestrator and WAN Edges
4. Authentication between the Edge Routers and the vManage NMS
5. Authentication between the vSmart Controller and the Edge Routers

Cisco SD-WAN Solution

1. Overlay Management Protocol (OMP)
2. Cisco SDWAN Circuit Aggregation Capabilities
3. Secure Connectivity in Cisco SD-WAN
4. Performance Tracking Mechanisms
5. Application Discovery
6. Dynamic Path Selection
7. Performance Based Routing
8. Direct Internet Access
9. Cisco SD-WAN In-built Security features: App Aware FW, Talos IPS, URL Filtering, Umbrella Integration & Advanced Malware Protection
10. Dynamic Cloud Access: Cloud On-Ramp for SaaS and IaaS (AWS, Azure & GPC)

Deeper Insight into Cisco SD-WAN Security

1. Designing Security Requirements within Cisco SD-WAN
2. DIA Security
3. Direct Cloud Access Security
4. Guest User Security
5. Compliance Requirements
6. Security Implementation at the Branch Site
7. Implementing Zone Based Firewalls on Cisco WAN Edge
8. Implementing UTD on Cisco WAN Edge
9. Configuring URL Filtering
10. Configuring Snort IPS
11. Best Practices for UTD setup (Based on production deployment experiences)
12. Implementing Advanced Malware Protection
13. Configuring AMP
14. Overview of integration with Threat Grid

Designing and Implementing DNS Security

1. Pre-requisite check before integrating Umbrella with Cisco SD-WAN
2. Making sure you have the correct licensing
3. Platform support check
4. Internet Connectivity check
5. Walking through the Umbrella Dashboard
6. Dashboard Overview
7. DNS Policy GUI Overview
8. Firewall Policy GUI Overview
9. Web Policy GUI Overview
10. Umbrella AD/SAML Integration Overview (optional)
11. Integrating Cisco Umbrella for DNS Security
12. Umbrella API Integration
13. Configuring the DNS Encryption Policy
14. Excluding the local domains
15. Configuring the Security Policy in vManage
16. Implementing the policy at the DIA Sites
17. Verification
18. Checking the logs on Umbrella Dashboard
19. Checking the vManage Security Dashboard

Cisco SD-WAN and Cisco Umbrella SIG Integration

1. SIG Integration Overview
2. Configuring Cisco vManage Templates for SIG Tunnel Creation
3. Using the pre-configured Feature Templates in vManage 20.X
4. Adding the SD-WAN Routers and Sites in Umbrella Identities
5. Validate that the routers show up from the Umbrella Dashboard
6. Designing and Configuring Policy for SIG Redirection
7. Setting up the vSmart Centralized Policies for SIG Redirection on DIA Traffic
8. Verification
9. Checking the logs on Umbrella Dashboard
10. Checking the vManage Security Dashboard

Cisco SD-WAN and Cisco Umbrella Cloud Firewall Integration

1. Umbrella Cloud Firewall Integration Overview
2. Configuring Cisco vManage Templates for Firewall Tunnel Creation
3. Using the pre-configured Feature Templates in vManage 20.X
4. Adding the SD-WAN Routers and Sites in Umbrella Identities
5. Validate that the routers show up from the Umbrella Dashboard
6. Designing and Configuring Policy for Firewall Redirection
7. Setting up the vSmart Centralized Policies for Umbrella FW Redirection on DIA Traffic
8. Verification
9. Checking the logs on Umbrella Dashboard
10. Checking the vManage Security Dashboard

Troubleshooting Umbrella Integration

1. Troubleshooting DNS Security
2. API Integration not working
3. DNS for local domain failing
4. No redirection to Cisco Umbrella for external domains
5. Troubleshooting SIG and Firewall
6. Making sure the IPSec Tunnels to Umbrella are operational
7. Troubleshooting the vManage policies for redirection
8. Load balancing using vManage policies
9. Reviewing logs in Umbrella
10. Checking Alarms and Notifications
11. Checking Alarms on vManage
12. Checking Alarms on Cisco Umbrella