Cisco Secure Workload Firewall Enforcement Agents; Data Flow Mapping, and Advanced Policy Deployment (CSWADV)
Skip to Scheduled Dates
Course Overview
Cisco Secure Workload Firewall Enforcement Agents, Data Flow Mapping, and Advanced Policy Deployment, CSWADV, is a 5-day course exploring telemetry data, the flows corpus, and how Cisco Secure Workload Firewall Agent provides enforcement. This course will provide the details and hands-on activities necessary to successfully deploy, manage, and troubleshoot policies in Cisco Secure Workload.
The course qualifies for 40 Cisco Continuing Education Credits (CE).
Course Objectives
- Describe how the Cisco Secure Workload Agents work to enforce security policy
- Describe how to deploy the Cisco Secure Workload Firewall Agent
- Describe how to Manage and Troubleshoot Cisco Secure Workload Firewall Agent policies
- Review administrative and management tasks necessary to operate, support and manage Cisco Secure Workload
- Describe how Cisco Secure Workload telemetry data is utilized in the Flows Corpus
- Construct effective policies based on discovered flows and Application Dependency Mapping (ADM)
Course Outline
Module 1: Cisco Secure Workload Firewall Agent
- How the Cisco Secure Workload Firewall Agent Enforces Firewall Rules
- Deploying and Managing Linux Enforcement Agents
- Deploying and Managing Windows Enforcement Agents
- Deploying and Managing AIX Enforcement Agents
Module 2: Cisco Secure Workload Enforcement Agent Components, Messaging, and Interaction
- Enforcement Front End
- Firewall and Catch-all Rules
- The Preserve Rules Option
- Agent Config Intents
- Stateful Enforcement
Module 3: Enforcement Agent UI Configurations and Troubleshooting
- Agent UI Configuration
- Monitoring Agents
- Platform Specific Enforcement Features and Requirements
- Known Limitations
- Troubleshooting Inbound and Outbound Firewall Rules
Module 4: Secure Connector, Edge and Ingest Appliances
- Secure Connector Overview
- Secure Connector features and configuration
- Edge Appliance Overview
- Edge Appliance configuration
- Ingest Appliance Overview
- Ingest appliance features and configurations
Module 5: Application Dependency Mapping
- Application Management Workflow Cycle
- Application Insight
- ADM Process
- ADM Run Results
- Cluster Confidence
Module 6: Cisco Secure Workload Policy Analysis
- Enable Policy Analysis
- Live Policy Analysis
- Backdated Policy Experiments
- Quick Policy Analysis
- Diagnosis Using Policy Analysis
Module 7: Cisco Secure Workload Analytics Policy Enforcement Overview
- Policy Global Ordering & Conflict Resolution
- Scope Priorities
- Troubleshooting Policy Enforcement
Module 8: Cisco Secure Workload Flow Search
- Understanding the Flow Corpus
- Using Scopes to Filter Results
- Searching with Conjunctions
- Correlating Flow Data with Hosts and Processes
- Leveraging Annotations
Module 9: Using Secure Workload Forensics
- Forensic Signals
- Configuring Forensics
- Forensics Visualization and Alerts
- Forensics Scoring
- Network and Process Hash Anomaly Detection
Module 10: Cisco Secure Workload Apps and API
- App Store
- User Apps
- Visualize Data Sources
- Bring your own Data
- OpenAPI
< Back to Course Search
Class times are listed Eastern time
This is a 5-day class
Register |
When |
Time |
Where |
How |
Register
|
01/13/2025 |
10:00AM - 6:00PM |
Online |
VILT |
Register
|
03/17/2025 |
10:00AM - 6:00PM |
Online |
VILT |
Register
|
05/19/2025 |
10:00AM - 6:00PM |
Online |
VILT |
Register
|
07/21/2025 |
10:00AM - 6:00PM |
Online |
VILT |
Register
|
09/22/2025 |
10:00AM - 6:00PM |
Online |
VILT |
Register
|
11/17/2025 |
10:00AM - 6:00PM |
Online |
VILT |