SDSI Course – Designing Cisco Security Infrastructure

Cisco CCNP Security

The SDSI – Designing Cisco Security Infrastructure course is part of the Cisco CCNP Security track. It prepares participants to design modern, scalable security architectures consistent with the requirements of enterprise infrastructures. The course approaches security architecture design with a focus on protecting infrastructure, applications, data, and operational processes, and includes risk management, compliance, incident response, automation, DevSecOps, and the use of Artificial Intelligence in cybersecurity contexts. It covers concepts and technologies such as secure infrastructure, Zero Trust, identity, MFA, passwordless authentication, continuous trust, endpoint security, email security, hybrid workers, IoT, SaaS, multi-cloud, VPN, tunneling, SD-WAN, IPsec, MPLS, GRE, DMVPN, management plane security, and control plane security. The program also examines the differences between traditional firewalls and Next-Generation Firewalls (NGFWs), and the use of Web Application Firewall (WAF), IDS/IPS, distributed firewalls, host-based firewalls, and eBPF. It also includes the protection of cloud-native applications, microservices, containers, and serverless architectures, with attention to segmentation, microsegmentation, DLP, SSL offloading, SSL decryption, application flow data, and security controls for modern environments. Frameworks and tools for managing risk and security events are also analyzed, including SOC, incident handling, incident response, security telemetry, alerting, SOAR, MITRE CAPEC, NIST SP 800-37, and Cisco SAFE. Finally, the course addresses the role of AI, automation, and DevSecOps in protecting infrastructure, including Infrastructure as Code, API tooling, container scanning, automated workflows, and AI-based threat detection. The course contributes to preparation for the CCNP Security certification exam (Exam 300-745).

Contact us now to receive all the details and to request, with no obligation, to speak directly with one of our instructors,
or call us right away on our toll-free number (800-177596).

Calling from abroad? Reach us at +39 02 87168254.

Course objectives

Below is a summary of the main objectives of the SDSI – Designing Cisco Security Infrastructure course:

  • Design secure infrastructure architectures based on Zero Trust, identity, MFA, endpoint security, cloud, SaaS, and hybrid workforce.
  • Evaluate security solutions for VPN, tunneling, SD-WAN, management plane, control plane, NGFW, WAF, IDS/IPS, and distributed firewall.
  • Protect cloud-native applications, microservices, containers, serverless architectures, application data, and data in transit.
  • Apply frameworks for risk management, compliance, incident response, SOC operations, security telemetry, SOAR, MITRE CAPEC, NIST SP 800-37, and Cisco SAFE.
  • Integrate AI, automation, DevSecOps, Infrastructure as Code, API tooling, and container scanning into security design processes.

Course certification

Exam 300-745 SDSI Cisco Certified Specialist – Designing Cisco Security Infrastructure;
This exam is part of the CCNP Security certification. It assesses the candidate's skills in designing security architectures for modern enterprise infrastructures. The exam verifies the candidate's ability to design a secure infrastructure, selecting approaches and technologies to protect identity, endpoint, email, hybrid workers, IoT, SaaS, multi-cloud environments, management plane, and control plane. It includes topics on Zero Trust, MFA, passwordless authentication, continuous trust, VPN, tunneling, SD-WAN, IPsec, MPLS, GRE, DMVPN, firewall architectures, NGFW, WAF, IDS/IPS, host-based firewall, distributed firewall, and eBPF. A significant part concerns application and data security, with a focus on cloud-native applications, microservices, containers, serverless architectures, segmentation, microsegmentation, DLP, SSL offloading, SSL decryption, application flow data, and data in transit. The exam also covers risk management, compliance, security events, incident handling, incident response, and modification of the security design in response to risks, events, or new requirements. The candidate must demonstrate knowledge of frameworks and tools such as MITRE CAPEC, NIST SP 800-37, Cisco SAFE, SOC, security telemetry, alerting, and SOAR. Topics on Artificial Intelligence, automation, and DevSecOps are also included, among them Infrastructure as Code, API tooling, automated workflows, container scanning, and AI-based threat detection.

Course contents

Definition and Purpose of Security Architecture

  • Core concepts of security architecture in enterprise environments
  • Role of security architecture in building and maintaining secure infrastructure
  • Relationship between business requirements, technical controls, and risk reduction
  • Security architecture as a foundation for governance and operational resilience
  • Design considerations for scalable and maintainable security infrastructures

Components of Security Infrastructure

  • Main layers of security infrastructure
  • Core security technologies used in enterprise architectures
  • Role of identity, endpoint, network, application, and cloud security components
  • Integration of security controls across hybrid and multi-cloud environments
  • Infrastructure concepts required for secure enterprise design

Security Design Principles

  • Key principles for designing secure infrastructure
  • Defense-in-depth and layered security approaches
  • Application of Zero Trust concepts in security design
  • Design strategies for confidentiality, integrity, and availability
  • Alignment of security principles with operational and business requirements

Security and Design Frameworks

  • Overview of security design and management frameworks
  • Use of Cisco SAFE for infrastructure security design
  • Role of NIST SP 800-37 in risk management and security lifecycle
  • Use of structured frameworks to guide architecture decisions
  • Mapping security controls to enterprise requirements and risk scenarios

Compliance and Regulatory Requirements

  • Role of compliance in security architecture design
  • Identification of regulatory requirements for enterprise environments
  • Enforcement methods for compliance-driven security controls
  • Impact of governance policies on security infrastructure design
  • Alignment between technical security controls and regulatory obligations

Security Approaches to Protect Against Threats

  • Security strategies for protecting enterprise infrastructure
  • Use of identity, endpoint, email, and network security controls
  • Protection models for hybrid workers, IoT, SaaS, and multi-cloud environments
  • Role of MFA, passwordless authentication, and continuous trust
  • Threat-driven selection of security technologies and controls

Modify the Security Architecture to Meet Technical Requirements

  • Adaptation of traditional security architectures to modern enterprise needs
  • Design modifications for hybrid, cloud, SaaS, and remote workforce scenarios
  • Selection of security controls based on new technical requirements
  • Balancing security, scalability, performance, and operational complexity
  • Continuous improvement of infrastructure security design

Network Access Security

  • Secure network access methods for enterprise environments
  • Use of 802.1X for authenticated access control
  • Integration of MAC Authentication Bypass (MAB) for non-supplicant devices
  • Use of web-based authentication for controlled network access
  • Design considerations for identity-based access policies

VPN and Tunneling Solutions

  • Security technologies for enterprise WAN connections
  • Use of VPN and tunneling solutions for secure connectivity
  • Comparison of IPsec, MPLS, GRE, and DMVPN
  • Design considerations for remote, branch, and hybrid connectivity
  • Security implications of encrypted transport architectures

Secure Infrastructure Management and Control Planes

  • Methods to secure management plane traffic
  • Methods to secure control plane traffic
  • Protection of administrative access and infrastructure services
  • Design considerations for segmentation and management isolation
  • Security controls for resilient and trusted infrastructure operations

Nextgen Firewalls

  • Differences between traditional firewalls and Next-Generation Firewalls (NGFWs)
  • Advanced security features provided by NGFW platforms
  • Use of application visibility and user-aware policy enforcement
  • Integration of NGFWs into enterprise security architecture
  • Design considerations for perimeter, internal, and cloud-connected environments

Web Application Firewall (WAF)

  • Role of Web Application Firewall (WAF) in application security
  • Protection of web applications from common threats and attacks
  • Placement and design considerations for WAF deployment
  • Integration of WAF with broader application security controls
  • Relationship between WAF, SSL inspection, and application traffic protection

IPS/IDS Deployment

  • Role of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
  • Deployment models for IDS/IPS in enterprise infrastructure
  • Best practices for detection, prevention, and traffic inspection
  • Integration of IDS/IPS into layered security architectures
  • Operational considerations for tuning, visibility, and response

Host-Based Firewalls and Distributed Firewalls

  • Use of host-based firewalls to protect endpoints and services
  • Role of distributed firewalls in microsegmented environments
  • Protection of cloud-native, virtualized, and microservice-based workloads
  • Use of eBPF and modern host-level security mechanisms
  • Design considerations for workload-level policy enforcement

Security Solutions Based on Application and Flow Data

  • Use of application and flow data for security decision-making
  • Protection of application data and data in transit
  • Role of DLP, SSL offloading, and SSL decryption
  • Analysis of traffic patterns to support threat detection
  • Integration of flow visibility into security architecture design

Security for Cloud-Native Applications, Microservices, and Containers

  • Security controls for cloud-native applications
  • Protection strategies for microservices and containerized environments
  • Security considerations for serverless architectures
  • Use of segmentation and microsegmentation for application protection
  • Design of security controls across modern application environments

Emerging Technologies in Application Security

  • Impact of Generative AI on application security design
  • Role of Machine Learning in threat detection and response
  • Security considerations related to quantum computing
  • Evaluation of emerging technologies in enterprise security architecture
  • Adaptation of security policies to evolving application threats

SOC Tools for Incident Handling and Response

  • Role of SOC tools in incident handling and response
  • Use of security telemetry, alerting, and event correlation
  • Integration of SOAR platforms into security operations
  • Incident response workflows and operational escalation models
  • Visibility requirements for effective detection and response

Modify Design to Mitigate Risk

  • Assessment of infrastructure security risks
  • Use of frameworks and controls to evaluate and mitigate risk
  • Design adjustments based on risk exposure and business impact
  • Mapping of threats and controls using structured methodologies
  • Continuous refinement of security architecture based on risk analysis

Incident-Driven Security Adjustments

  • Security design changes following a security incident
  • Analysis of incident impact on infrastructure and applications
  • Adjustment of controls, policies, and architecture after compromise
  • Lessons learned integration into future security designs
  • Improvement of resilience through post-incident architecture updates

DevSecOps Integration

  • Role of DevSecOps in modern security management
  • Integration of security controls into development and deployment workflows
  • Collaboration between security, development, and operations teams
  • Use of automated security checks in delivery pipelines
  • Security-by-design principles in application and infrastructure lifecycle

Secure Automated Workflows and Pipelines

  • Security considerations for automated services and pipelines
  • Use of Infrastructure as Code (IaC) in secure deployments
  • API tooling and automated workflow protection
  • Container scanning and validation of deployment artifacts
  • Risk reduction in automated infrastructure and application delivery

AI’s Role in Securing Infrastructure

  • Role of Artificial Intelligence in threat detection and response
  • Use of AI to analyze security telemetry and identify anomalies
  • AI-assisted prioritization of alerts and security events
  • Support for automated response and incident investigation
  • Security considerations for AI-driven infrastructure protection

Format

Instructor-led training course

Instructors

The instructors are Cisco-accredited instructors, also certified in other IT technologies, with years of practical experience in the field and in training.

Lab infrastructure

For all delivery formats, where provided, students can access the real Cisco equipment and systems in our labs, or remotely at the Cisco data centers. Each participant has their own access to implement the various configurations, getting immediate hands-on confirmation of the theory covered. Below are some network topologies of the available Cisco labs:

Course details

Prerequisites

Attending the CCNP Security SCOR course is recommended.

Course duration

  • Intensive duration: 5 days;

Attendance

Various Extensive and Intensive attendance options.

Course dates

  • Cisco SDSI Course (Intensive format) – On request – 9:00 – 17:00

How to enroll

Enrollment is limited in number to guarantee all participants an excellent service.
To enroll, request to be contacted through the following link, call our office on the toll-free number 800-177596, or send a request by email to [email protected].