Cisco Secure Workload Firewall Enforcement Agents; Data Flow Mapping, and Advanced Policy Deployment (CSWADV)

Skip to Scheduled Dates

Course Overview

Cisco Secure Workload Firewall Enforcement Agents, Data Flow Mapping, and Advanced Policy Deployment, CSWADV, is a 5-day course exploring telemetry data, the flows corpus, and how Cisco Secure Workload Firewall Agent provides enforcement. This course will provide the details and hands-on activities necessary to successfully deploy, manage, and troubleshoot policies in Cisco Secure Workload.

The course qualifies for 40 Cisco Continuing Education Credits (CE).

Course Objectives

    • Describe how the Cisco Secure Workload Agents work to enforce security policy
    • Describe how to deploy the Cisco Secure Workload Firewall Agent
    • Describe how to Manage and Troubleshoot Cisco Secure Workload Firewall Agent policies
    • Review administrative and management tasks necessary to operate, support and manage Cisco Secure Workload
    • Describe how Cisco Secure Workload telemetry data is utilized in the Flows Corpus
    • Construct effective policies based on discovered flows and Application Dependency Mapping (ADM)

Course Outline

Module 1: Cisco Secure Workload Firewall Agent

  • How the Cisco Secure Workload Firewall Agent Enforces Firewall Rules
  • Deploying and Managing Linux Enforcement Agents
  • Deploying and Managing Windows Enforcement Agents
  • Deploying and Managing AIX Enforcement Agents

Module 2: Cisco Secure Workload Enforcement Agent Components, Messaging, and Interaction

  • Enforcement Front End
  • Firewall and Catch-all Rules
  • The Preserve Rules Option
  • Agent Config Intents
  • Stateful Enforcement

Module 3: Enforcement Agent UI Configurations and Troubleshooting

  • Agent UI Configuration
  • Monitoring Agents
  • Platform Specific Enforcement Features and Requirements
  • Known Limitations
  • Troubleshooting Inbound and Outbound Firewall Rules

Module 4: Secure Connector, Edge and Ingest Appliances

  • Secure Connector Overview
  • Secure Connector features and configuration
  • Edge Appliance Overview
  • Edge Appliance configuration
  • Ingest Appliance Overview
  • Ingest appliance features and configurations

Module 5: Application Dependency Mapping

  • Application Management Workflow Cycle
  • Application Insight
  • ADM Process
  • ADM Run Results
  • Cluster Confidence

Module 6: Cisco Secure Workload Policy Analysis

  • Enable Policy Analysis
  • Live Policy Analysis
  • Backdated Policy Experiments
  • Quick Policy Analysis
  • Diagnosis Using Policy Analysis

Module 7: Cisco Secure Workload Analytics Policy Enforcement Overview

  • Policy Global Ordering & Conflict Resolution
  • Scope Priorities
  • Troubleshooting Policy Enforcement

Module 8: Cisco Secure Workload Flow Search

  • Understanding the Flow Corpus
  • Using Scopes to Filter Results
  • Searching with Conjunctions
  • Correlating Flow Data with Hosts and Processes
  • Leveraging Annotations

Module 9: Using Secure Workload Forensics

  • Forensic Signals
  • Configuring Forensics
  • Forensics Visualization and Alerts
  • Forensics Scoring
  • Network and Process Hash Anomaly Detection

Module 10: Cisco Secure Workload Apps and API

  • App Store
  • User Apps
  • Visualize Data Sources
  • Bring your own Data
  • OpenAPI

< Back to Course Search

Class Dates & Times

Class times are listed Eastern time

This is a 5-day class

Price: $4,495.00

Register for Class

Register When Time Where How
Register 11/04/2024 10:00AM - 6:00PM Online VILT