Course Content
The Gigamon Certified Professional (GCP) Boot Camp is a 5-day, instructor-led course that teaches security, network, cloud and sales engineers the security fundamentals for implementing Gigamon technologies to monitor data in motion as part of a comprehensive security strategy.
The course illustrates these concepts and provides hands-on experience in implementing the GigaSECURE® Security Delivery Platform. It also provides instruction in the knowledge, skills and attitudes needed for implementing GigaSECURE® in enterprise networks.
This course is also intended to help students prepare for the GCP certification exam.
Who should attend
The primary target audiences for the course are:
- All end users of Gigamon products
- Security operations professionals and architects
- Network operations professionals and architects
- Professional service and system integrations specialists
- Network and security administrators and architects
- Participants of the Gigamon Partner Program and Gigamon Support Partner Program (GSPP) or Gigamon Professional Services Program (GPSP)
Prerequisites
IMPORTANT: This course is designed to assist participants in preparing for the Gigamon Certified Professional certification test, but we recommend that you have the following prerequisites before taking the GCP certification test:
- Basic working knowledge of Gigamon products & flow mapping configuration
- Cisco Certified Network Associate Routing & Switching (CCNA), Interconnecting Cisco Network Devices: Accelerated (CCNAX) or equivalent working knowledge
- CompTIA Cloud+ or equivalent working knowledge
- CompTIA Security+ or Cisco Certified Network Associate Security or equivalent working knowledge
Course Objectives
- How to select a valid traffic source
- Connectivity requirements for inline and out-of-band tools
- Data requirements for inline security and network analysis tools
- Approaches and considerations for packet access for inline tools
- Traffic sizing for inline security and network analysis tools
- Approaches and considerations for out-of-band packet access
- How to implement a packet access solution in a physical network infrastructure
- How to reliably access packets for security analysis
- How to filter traffic to meet the needs of security tools
- Load sharing between inline security and network analysis tools
- How to implement packet optimization for analysis
- How to implement tool groupings for inline processing
- Traffic management for inline processing
- How to replicate traffic to out-of-band tools for augmenting inline security
- Approaches and considerations for packet access in the cloud
- How to implement a packet access solution in a cloud or hybrid network infrastructure
- How to extract virtualized traffic for use with virtualized and physical tools
Outline: Gigamon Certified Professional Bootcamp (GCPB)
Module 1: Security and Tool Essentials
- Tools and Traffic Sources
- Tool Types – Inline/Out-of-Band
- Choosing a Traffic Source
- Tap Selection and Placement
Module 2: Addressing Common Threats
- Review of Security Challenges
- Traffic Source Selection
- Threat Vectors
- Common Security Vulnerabilities
- Review of common threats
- Basic Data Taxonomy
- Democratization of Malware
- Example of an Advanced Persistent Threat (APT)
- What Can Be Done
- Courses of Action
- Ways to break a kill chain
- The new security model
Module 3: Security and Monitoring Tools & Types
- Tools, Tool Groupings and What Traffic They Need
- Security and Monitoring Tools
- Security Tools
- Supporting Security Tools
- Deploying Security Tools
- Out-of-Band Monitoring
- Inline Monitoring
- Inline/Out-of-Band Tool Impact
- Company Philosophy
- Tool Groupings and Arrangements
- Tool Redundancy Schemes
- Tool/group redundancy schemes
- Inline Tool Failover Schemes
- NAT/PAT Gateways
- Passive or Explicit
- Redundancy and Failover Schemes
- Networking Infrastructure Devices
- Traffic Forwarding
- Traffic Types
Module 4: Traffic Filtering
- Networking protocol usage
- Filtering Traffic
- Traffic sizing considerations
- Filtering Fundamentals
- Packet Sizes and uses
- Firewall Concepts
Module 5: Tool Sizing and Visibility Sizing
- Traffic Requirements/minimum # tool nodes/sizing
- Knowing When the Packet Access is Over-Subscribed
- Packet access Sizing – Traffic Volume
- Load sharing
Module 6: Gigamon Platform Architecture
- Installation and Setup (GigaVUE)
- Box Setup
- Port behaviors
- Basic Flow Mapping
Module 7: Traffic Intelligence – GigaSMART
- GigaSMART Application usage
- Highlighted GigaSMART Features – GigaSECURE
- GigaSMART Performance and Capacity
- GigaSMART sizing and restrictions
- GigaSMART processing dependencies
Module 8: Classic Inline Bypass
- Classic Inline Bypass data processing
- Configuration specifics and examples
Module 9: Flexible Inline Bypass
- Flexible Inline Bypass data processing
- GigaSMART involvement / configuration
Module 10: SSL Essentials
- Inline SSL decryption solution
- URL categorization and whitelisting
Module 11: Implementing Inline SSL Decryption
- Inline SSL configuration
- Gigamon specific support features
- Whitelisting support & configuration
Module 12: Virtualization and Cloud Technologies
- Virtual Machines Concepts
- Virtual Networking Concepts
- Cloud Architectures
- Cloud Visibility Challenges
- Solutions for Cloud Visibility
- OpenStack Multi-Tenant
- Amazon Web Services and Microsoft Azure
Module 13: GigaSECURE Cloud
- GigaSECURE Cloud Visibility Elements
- GigaSECURE for OpenStack, AWS, and Azure Deployments
- Identify the Requirements; Size the Solution
Module 14: Gigamon SECURE Cloud: Solution Configurations
- GigaSECURE Virtual Deployments
- GigaSECURE Cloud Deployments
- GigaSECURE Cloud: VSeries Appliance and Visibility Tier Deployments
Module 15: Gigamon Maintenance and Operations
- User management
- Product Upgrading and Updating
- System requirements & process details
- Clustering benefits
- Configuration of Clustering
Labs:
- Lab 1: Understanding Protocol Behaviors
- Lab 2: Wireshark Trace File Activity
- Lab 3: Trace File – HC2 Activity
- Lab 4: Chassis Port Setup and Prep
- Lab 5: GigaSMART Application: De-duplication
- Lab 6: GigaSMART Application: NetFlow Generation
- Lab 7: GigaSMART Application: Adaptive Packet Filtering
- Lab 8: GigaSMART Application: Application Session Filtering
- Lab 9: Trace File – SSL Activity
- Lab 10: GigaSMART Application: Passive SSL Decryption
- Lab 11: Classic Inline Bypass Configuration
- Lab 12: Email Flexible Inline Bypass Configuration
- Lab 13: GigaSMART Application: Inline SSL Decryption
- Lab 14: GigaVUE-VM
- Lab 15: Introduction to the Visibility Platform for AWS
- Lab 16: Design a Basic Architecture for Private Cloud
- Case Study: Design a Basic Architecture for VMware Private Cloud
- Case Study: Design a Basic Architecture for OpenStack Private Cloud
- Lab 17: Design a Basic Architecture for Public Cloud
- Case Study: Visibility Tools Located in the Enterprise Data Center
- Lab 18: Configuration Back Up and Restore
- Lab 19: Removing All Configurations
- Lab 20: H Series Clustering
- Lab 21: Port Behavior Setup
- Lab 22: Passall Configuration
- Lab 23: Simple Flow Map Configuration
- Lab 24: More Complex Flow Map Configuration with Rule Prioritization
- Lab 25: Shared Collector Configuration
- Lab 26: User-Defined Attribute Filter
- Lab 27: Tool Mirror
- Lab 28: Replication and Egress Filtering
- Lab 29: Hybrid Ports
- Lab 30: Tool GigaStream
- Lab 31: Port-Pair
- Lab 32: Snooping LLDP/CDP