From the course: Implementing Cisco Software-Defined Wan (SD-WAN) for your Enterprise and Cloud
Join today to access over 25,600 courses taught by industry experts.
Application-aware enterprise firewall - Cisco Tutorial
From the course: Implementing Cisco Software-Defined Wan (SD-WAN) for your Enterprise and Cloud
Application-aware enterprise firewall
- [Instructor] This lesson is going to start the conversation regarding our on-premise security stack, which we support in all of the SD-WAN offers. Now we're going to talk specifically about the security functions and the wrapper around that, and then dive into the zone based firewall. So when we deploy the Cisco SD-WAN integrated security, there's two methods we can do this. We can do this in a security policy, and in this policy structure, the administrators are going to select the firewall features, the IPS and IDS features, and then URL filtering and DNS security on a VPN by VPN basis. The other methodology is we can go down to a unified security policy. In this model, basically the structure's going to comprise of the nesting S security policies into an inspection profile, and then the inspection profile is going to be assigned to a specific network traffic. So that's going to tie more explicitly into you know, you classify this traffic as FTP, therefore you apply this…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
Learning objectives39s
-
Cisco SD-WAN benefits and use cases12m 29s
-
Cisco SD-WAN architecture and components15m 32s
-
Cisco SD-WAN terminology and constructs4m 37s
-
Overlay Management Protocol (OMP)6m 27s
-
Cisco SD-WAN fabric operations3m 48s
-
Data tunnel connectivity11m 20s
-
Transport path selection5m 5s
-
VPN segmentation6m 35s
-
Control and data plane connectivity models10m 37s
-
(Locked)
Edge architecture6m
-
(Locked)
vManage dashboard demonstration12m 51s
-
-
-
(Locked)
Learning objectives29s
-
(Locked)
Controller scalability and redundancy5m 13s
-
(Locked)
Controller deployment methods1m 32s
-
(Locked)
Deploying customer hosted vManage controller21m 9s
-
(Locked)
Deploying customer hosted vBond11m 45s
-
(Locked)
Deploying customer hosted vSmarts9m 15s
-
(Locked)
Post installation cleanup tasks6m 18s
-
(Locked)
-
-
(Locked)
Learning objectives31s
-
(Locked)
Device configuration fundamentals10m 20s
-
(Locked)
CLI template10m 5s
-
(Locked)
Device and feature template structure overview7m 36s
-
(Locked)
Building system feature templates18m 21s
-
(Locked)
Building VPN feature templates10m 33s
-
(Locked)
Building VPN interface feature templates22m 9s
-
(Locked)
Building other common feature templates6m 32s
-
(Locked)
Building device templates12m 54s
-
(Locked)
-
-
(Locked)
Learning objectives32s
-
(Locked)
SD-WAN routing21m 20s
-
(Locked)
SD-WAN routing mechanics31m 19s
-
(Locked)
Static route configuration14m 47s
-
(Locked)
OSPF configuration25m 56s
-
(Locked)
EIGRP configuration18m 46s
-
(Locked)
BGP configuration22m 50s
-
(Locked)
Multicast routing8m 45s
-
(Locked)
Multicast routing demonstration21m 18s
-
(Locked)
-
-
(Locked)
Learning objectives1m 2s
-
(Locked)
Policy overview15m 59s
-
(Locked)
Access control lists (ACLs)23m 17s
-
(Locked)
Route policy26m 57s
-
(Locked)
Traffic data policy overview15m 26s
-
(Locked)
Traffic data policy configuration24m 46s
-
(Locked)
Application pinning with local TLOCs17m 58s
-
(Locked)
Application pinning with remote TLOCs14m 11s
-
(Locked)
VPN membership policy10m 22s
-
(Locked)
Topology policy (hub and spoke)17m 34s
-
(Locked)
Customized topology policy (hub and spoke)21m 47s
-
(Locked)
Dynamic on-demand tunnels17m 6s
-
(Locked)
Advanced topology policies (multi-region)30m 47s
-
(Locked)
Traffic engineering with topology policies18m 41s
-
(Locked)
Route leaking (shared services)23m 15s
-
(Locked)
Service chaining15m 29s
-
(Locked)
Application aware routing (AAR), part 130m 11s
-
(Locked)
Application aware routing (AAR), part 215m 50s
-
(Locked)
Policy review4m 44s
-
(Locked)
-
-
(Locked)
Learning objectives58s
-
(Locked)
Direct Internet Access (DIA) NAT9m 4s
-
(Locked)
Policy-based Direct Cloud Access (DCA) and DIA, part 110m 32s
-
(Locked)
Policy-based Direct Cloud Access (DCA) and DIA, part 219m 11s
-
(Locked)
Cloud OnRamp for SaaS20m 10s
-
(Locked)
Cloud connectivity20m 16s
-
(Locked)
Cloud onRamp for Multicloud: AWS17m 53s
-
(Locked)
Cloud onRamp for Multicloud: GCP15m 8s
-
(Locked)
Cloud onRamp for Multicloud: Azure11m 17s
-
(Locked)
Cloud onRamp for Multicloud: Software Defined Cloud Interconnect (SDCI)15m 48s
-
(Locked)
Cloud onRamp for Multicloud: Backbone as a Service, transport16m 1s
-
(Locked)
Cloud onRamp for Multicloud: Backbone as a Service, policy25m 2s
-
(Locked)