7/30/2019 Secure DS 2011Jan26

1/4

Securing Networks withCisco Routers andSwitches (SECURE)

2011 Cisco and/or its affiliates. All rights reserved.

Learning@Cisco

Datasheet

The Securing Networks with Cisco Routers

and Switches (SECURE) v1.0 curriculum

enables students to choose, configure, and

troubleshoot major Cisco IOS Software

security features to reduce security risk to IT

infrastructure and its applications.

The Securing Networks with Cisco Routers and Switches

(SECURE) v1.0 curriculum is a key part of the official

training curriculum for attaining the Cisco CCNP Security

certification, Cisco IOS Security Specialist certification,

Cisco Firewall Security Specialist certification and CiscoVPN Security Specialist certification. It includes a five-day,

instructor-led course aimed to provide network security

engineers with the knowledge and skills needed to secure

Cisco IOS Software router- and switch-based networks and

to provide security services based on Cisco IOS Software.

Students will learn the skills they need to secure the

network environment using existing Cisco IOS Software

features as well as install and configure components of

Cisco IOS Software, as follows: zone-based policy firewall;

Cisco IOS Intrusion Prevention System (IPS); user-based

firewall; secure tunnels using IP Security (IPsec) Virtual

Private Network (VPN) technology including public key

infrastructure (PKI), Virtual Tunnel Interface/ DynamicVirtual Tunnel Interface (VTI/DVTI), Group Encrypted

Transport VPN (GET VPN), Dynamic Multipoint VPN

(DMVPN), and advanced switch security features. The

curriculum focuses on the implementation and

troubleshooting aspects of the lifecycle services approach,

adding some elements of the design phase as well.

Intended Targeted Audiences

The primary audiences for this curriculum are network

security engineers within the following:

Cisco customer organizations

Cisco service and support organizations

Cisco channel partner organizations

Curriculum Objectives

Upon completing this curriculum, the learner should be able

to meet these overall objectives:

Implement and maintain Cisco IOS Software infrastructureprotection controls in a Cisco router- and switch-basednetwork infrastructure

Implement and maintain Cisco IOS Software threat controland containment technologies in a Cisco router-basedperimeter infrastructure

Implement and maintain Cisco IOS Software VPNtechnologies in a Cisco router-based WAN

Implement and maintain Cisco IOS Software remoteaccess VPN technologies in a Cisco router-based remoteaccess solution

Technical Skills Covered

Students will learn these technical skills:

Configuring advanced switched data plane security controls

Configuring advanced infrastructure security controls Configuring basic zoned-based policy firewall features

Configuring advanced zoned-based policy firewall features

Configuring Cisco IOS Software IPS

Configuring a PKI-enabled, site-to-site IPsec VPN

Configuring Cisco IOS Software DMVPN spokes

Configuring GET VPN group members

Configuring a Cisco IOS SSL VPN gateway

Configuring Cisco Easy VPN

7/30/2019 Secure DS 2011Jan26

2/4

Securing Networks withCisco Routers andSwitches (SECURE)

2011 Cisco and/or its affiliates. All rights reserved.

Learning@Cisco

Datasheet

Cisco Network Security Engineer Curriculum

This curriculum is part of the recommended preparation for

the CCNP Security certification, Cisco IOS Security

Specialist certification, Cisco Firewall Security Specialist

certification and Cisco VPN Security Specialist certification.

Recommended Prerequisites

Completion of the CCNA Security certification requires the

prerequisite exams and recommended training shown in

Table 1.

Table 1 Required Exams and Recommended Training

Required

Exams

Exam Name and Recommended Training

640-802

or

640-822 &

640-816

CCNA Composite

or

Interconnecting Cisco Network Devices 1

(ICND1)

Interconnecting Cisco Network Devices 2

(ICND2)

640-553 Implementing Cisco IOS Network Security

(IINS)

Cisco IOS Security SpecialistThe Cisco IOS Software security specialist demonstrates the

hands-on knowledge and skills required to secure networks

using Cisco IOS Software security features embedded in the

latest Cisco routers and switches as well as the widely

deployed Cisco security appliances. Cisco IOS Software

security specialists are able to secure the network

environment and provide security services based on Cisco

IOS Software, as follows: zone-based policy firewall; Cisco

IOS Software IPS; user-based firewall; secure tunnels using

IPsec VPN technology including PKI, VTI/DVTI, GETVPN,

and DMVPN; 802.1X authentication; and advanced switch

security features (see Table 2).

Table 2 Cisco IOS Security Specialist Exams and

Recommended Training

Required Exam Exam Name and Recommended Training

642-637 Securing Networks with Cisco Routers and

Switches (SECURE)

Cisco Firewall Security Specialist

Cisco firewalls are ubiquitous in the world of network security

today. Professionals with the skills to design, implement, and

maintain Cisco firewall solutions using the Cisco ASA adaptive

security appliance and zone-based firewall solutions in Cisco

routers and switches are in high demand. The Cisco firewall

security specialist is a focused certification that validates skills

and knowledge in implementing perimeter security solutions

using Cisco security appliances. These certified specialists are

actively involved in developing secure business solutions and

designing and delivering multiple levels of secure access to

the network (see Table 3).

Table 3 Cisco Firewall Security Exams

Required Exam Exam Name and Recommended Training

642-617 Deploying Cisco ASA Firewall Solutions

(FIREWALL)

642-637 Securing Networks with Cisco Routers and

Switches (SECURE)

Cisco VPN Security Specialist

Cisco offers numerous VPN solutions and configurations. Cisco

VPN solutions are widely deployed in many of todays networks.

Many enterprises and service providers deploy these numerous

VPN solutions at any given time for their various customers and

organizations, from simple point-to-point tunneling to multilayer,

dynamic, high-availability VPNs. Cisco VPN security specialists

can configure, maintain, troubleshoot, and support these various

VPN solutions using Cisco IOS Software and the robust Cisco

ASA adaptive security appliance (see Table 4).

Table 4 Cisco VPN Security Specialist Exams and

Recommended Training

Required Exam Exam Name and Recommended Training

642-637 Securing Networks with Cisco Routers andSwitches (SECURE)

642-647 Deploying Cisco ASA VPN Solutions (VPN)

CCNP Security Certification

The CCNP Security Program is a three-year certification

program intended to recognize the Cisco network security

engineers who have the necessary skills to test, deploy,

configure, maintain, and troubleshoot Cisco network security

appliances and Cisco IOS Software devices that establish the

7/30/2019 Secure DS 2011Jan26

3/4

Securing Networks withCisco Routers andSwitches (SECURE)

3 2010 Cisco and/or its affiliates. All rights reserved.

Learning@Cisco

Datasheet

security posture of the network. Prior to attempting the CCNP

Security certification or any of its associated security specialist

certifications, it is required that an individual has met the

requirements for the Cisco CCNA Security certification and

has at least one to three years of experience in the field of

network security (see Table 5).

Table 5 CCNP Security Exams and Recommended Training

Required Exam Exam Name and Recommended Training

642-637 Securing Networks with Cisco Routers and

Switches (SECURE)

642-627 Implementing Cisco Intrusion Prevention

System (IPS)

642-617 Deploying Cisco ASA Firewall Solutions

(FIREWALL)

642-647 Deploying Cisco ASA VPN Solutions (VPN)

Course Specifications

Table 6 shows the details of the Securing Networks with

Cisco Routers and Switches (SECURE) v1.0 course.

Table 6 Securing Networks with Cisco Routers and Switches(SECURE) v1.0 Course Details

Course

name

Securing Networks with Cisco Routers and

Switches

Short

identifier

SECURE

Associated

certifications

CCNP Security, Cisco IOS Security Specialist

certification

Associated

exam

642-637 Securing Networks with Cisco

Routers and Switches (SECURE), 120

minutes; available at all worldwide Pearson

VUE testing centers

Duration 5 days (classroom or virtual classroom)

Delivered by Cisco Authorized Learning Partners worldwide

Lab

exercises

10 individual labs

Features and Benefits of Cisco AuthoredProfessional Curriculum

Subject matter experts around the world develop authored

Cisco training from Cisco employee, partner, and customer

organizations to align to the specific job tasks of

professional-level network engineers who use current Cisco

products and solutions. Cisco Authorized Learning Partners

deliver authored Cisco curriculum utilizing certified

instructors with a blend of lectures, labs, self-paced lessons,

and assessments (see Table 7).

Table 7 Cisco Authored Professional Curriculum

Primary Features Primary Benefits

Customer-centered

design

Input from Cisco employees,

customers, and partners confirms

relevancy

Job role focus Curriculum aligns to specific tasks

of network engineers

Blended learning

curriculum

Mix of classroom and self-paced

lessons offers flexibility

Extensive lab

exercises

Hands-on practice strengthens skills

End-of-module

assessments

Review reinforces learning

objectives

Worldwide availability Consistent curriculum in all regions

Cisco Authorized

Learning Partners

Certified instructors deliver Cisco

approved content

Aligned to certification Establishes structured professional

development and industry

recognition of skills and knowledge

Current Cisco

solutions and

architectures

Assurance of latest technologies,

knowledge, skills, and best

practices of Cisco solutions and

architectures

7/30/2019 Secure DS 2011Jan26

4/4

Accept Only the Best

Only Cisco Authorized Learning Partners deliver the official Cisco security curriculum.

Authorized training ensures that you will gain the knowledge and expertise that you need

to be successful in todays competitive IT business environment. Cisco Learning Partners

offer a comprehensive set of training resources, from instructor-led courses to remote-

access labs and e-learning solutions to improve technology expertise. Other benefits

include the following:

Learning skills on the latest Cisco products and software: Authorized learning partners

expose students to the latest revisions and newest products to help accelerate their

skills for years to come.

Consistent expertise: Certified Cisco instructors assure students and businesses thesame level of expertise, quality, and service from one class to the next.

Updated training: Cisco Authorized Learning Partners are aware of the latest product

and technology updates, exam changes, and teaching methods.

High student satisfaction: Cisco Authorized Learning Partners are required to maintain

a high level of satisfaction ratings.

Addit ional ly, Cisco Learning Partners accept Cisco learning credits to cover fees for

the Cisco security training curriculum. For more information and to check if these credits

are available in your country, visit www.cisco.com/go/learningcredits.

Learn More

For more information or to register for this program, visit

http://www.ciscolearningnetwork.com