Cisco Live, May 18-24, 2014, is quickly approaching and registration is open. This is the 25th anniversary of Cisco Live and we return to the Bay Area at San Francisco’s Moscone Center. Educational sessions are organized into technology tracks to make it easy to find the topics that most interest you. With network and data security being top of mind, I’d like to highlight the Security technology track’s exciting content lineup.
- Hands-on Labs
- Technical Seminars
- Technical Breakouts
- Panel Discussions
- Product or Solutions Overviews
There are six 4-hour or 8-hour labs providing hands-on experience, moderated by Cisco experts, in the Security technology track:
- LTRSEC-2014 — Basic Network Threat Defense, Countermeasures, and Controls
In this instructor-led lab, attendees will learn about inherent security features and techniques on Cisco IOS Software, including Management Plane hardening, Infrastructure Access-lists, and Data Plane hardening. Attendees will acquire hands-on experience configuring and testing these inherent security features and techniques in simulated real world threat scenarios.
- LTRSEC-2015 — Advanced Network Threat Defense, Countermeasures, and Controls
In this instructor-led lab, attendees will perform the role of a Security Incident Response Investigator and must correctly detect, classify, and prevent threats targeting a network by configuring and deploying advanced threat defenses and countermeasures, such as Control Plane Policing, IOS NetFlow, and Remotely-Triggered Black Hole (RTBH) Routing on network infrastructure devices.
- LTRSEC-2050 -- IOS FlexVPN Lab
In this instructor-led hands-on lab, we will examine various FlexVPN deployment configurations, including site to site, remote access, hub and spoke, dynamic spoke to spoke partial mesh, different redundancy options, and IPv6 integration.
- LTRSEC-2740 -- ASA Clustering Deployment and Troubleshooting
This is a deep dive hands-on lab session where attendees will work with the practical aspects of deploying Adaptive Security Appliance (ASA) clusters and troubleshooting connectivity issues with the adjacent network infrastructure devices.
- LTRSEC-3021 -- ASA Hands-on Troubleshooting Lab
Led by Cisco Services Technical Leaders from the Technical Assistance Center (TAC), participants will learn troubleshooting skills and techniques for diagnosing and fixing network problems on the Adaptive Security Appliance (ASA)
- LTRSEC-3022 -- ASA version 9.1 NAT Hands-on Configuration Lab
Led by Cisco Services Technical Leaders from the Technical Assistance Center (TAC), we will educate students on the configuration and troubleshooting methodologies of Network Address Translation (NAT) on the ASA.
There are four 8-hour technical seminars covering design principles and best practices in the Security technology track:
- TECSEC-2053 -- Deploying PKI for 802.1x and SSLVPN
This session will provide design, deployment, and troubleshooting advice and best practices for engineering staff working with certificate based solutions in wired, wireless, 802.1X and VPN environments.
- TECSEC-2060 -- Cyber Security -- Cisco Cyber Range Techtorial
This session features an interactive environment where participants will become the staff of an operations center and gain exposure to working in network and security operations and incident response functions. Think of this as a sort of CCNP Security or CCIE Security operations practical in a live fire environment.
- TECSEC-2662 -- How to Design and Deploy BYOD -- Validated Best Practices
This seminar features some of our top engineers who have contributed to and developed the Cisco Validated Design (CVD) for BYOD. They will share what they learned over the past several years in developing, testing, and working with customers on BYOD.
- TECSEC-3450 -- Integrating Next-Generation IPS (NGIPS) and Next-Generation Firewalling (NGFW) with Advanced Malware Protection(AMP) into the Network Fabric
This seminar debuts our new Sourcefire staff at Cisco Live. They’ll be sharing with engineers the latest information and advice about how Sourcefire technology is mapping into Cisco products and solutions and best practices to deploy in a variety of network environments. This seminar will feature talks, demonstrations and some lab exercises.
There are sixty-four 90-minute or 2-hour technical breakouts focusing on technologies, architectures, applications, and troubleshooting in the Security technology track. Some examples are:
- BRKSEC-1001 -- Emerging Threats 2014
Emerging Threats 2014 will provide a holistic look at cyber security risks, including the current trust, privacy and identity issues, infrastructure attacks, criminals and cybercrime, activists and terrorists geopolitics, malware and botnets, social engineering, attack toolkits, and other threats.
- BRKSEC-1011 -- Written to Realized Security Policy
This session will show how written security policy can be enforced using Cisco Security architecture.
- BRKSEC-1031 -- Introduction to Malware Protection
This session will explore Cisco’s comprehensive malware protection solution, which offers continuous detection and remediation capabilities to address the advanced malware problem.
- BRKSEC-2004 -- Securing My SP Network
If you are a security professional and work for a company that outsources your network (either all or portions); what questions should you be asking your provider?
- BRKSEC-2005 -- The Internet of Things: a Double-Edged Sword. How Can You Embrace it Securely?
This session is a must for IT and network managers and enterprise architects who want to understand their very crucial role in IoT.
- BRKSEC-2010 -- Emerging Threats -- The State of Cyber Security
Cisco’s Threat Research Analysis and Communications (TRAC) team specializes in early-warning intelligence and threat analysis necessary for maintaining a secure network. In this talk we perform deep analysis of recent threats and see how TRAC leverages indicators of compromise (IOC) against large datasets to deliver product improvements and mitigation strategies.
- BRKSEC-2012 -- Inside Cisco’s Product Security Incident Response Team (PSIRT)
This presentation provides an inside look at Cisco PSIRT and a comprehensive security program that combines industry-leading secure software development best practices, processes, and tools.
- BRKSEC-2014 -- Using Data Analytics to Uncover Indicators of Compromise on your Network
This session provides strategies that will enable participants to make use of their existing network infrastructure to identify and defend against complex threats. It will cover the state of today’s threat landscape, current threat models for IP networks, an approach to Incident Response, and how to leverage Data Analytics, specifically DNS and NetFlow, to help in the detection and mitigation of existing, current, and emerging threats.
- BRKSEC-2073 -- NetFlow Security Monitoring with Cisco Threat Defense (CTD)
This session takes an in depth look at NetFlow with the goal of leveraging the technology to provide heightened visibility and context into network traffic in order to identify attackers and accelerate incident response.
- BRKSEC-2760 -- Security at the Speed of the Network: automating and accelerating security through SDN
This session looks at possible future Software Defined Networking (SDN) solutions offering a way to respond to attacks with the speed of the network.
- BRKSEC-2900 -- Resilient WAN and security for distributed networks with Cisco Meraki MX
This session will provide an introduction to the Meraki architecture and a deep-dive into resilient WAN connectivity and security via the Cisco Meraki MX security appliance product line.
- BRKSEC-2902 -- Embrace Cloud Web Security with your Cisco Network
This breakout session will give a technical overview and live demo of the some of the deployment options available for integration to the cloud from Cisco network devices.
- BRKSEC-3001 -- Advanced IKEv2 Protocol
This session will give an overview of the ISAKMP (IKEv1) protocol for comparison and then go into a detailed examination of the IKEv2 including algorithms, packet flow and packet bits and bytes.
- BRKSEC-3005 -- Securing Cyber-Physical-Converged Assets in the Internet of Things (IoT)
Ensuring that the IoT infrastructure of the future is resilient in the face of attacks, existing and unknown, is essential to integrating the cyber and physical environments.
- BRKSEC-3031 -- Intrusion Prevention, Signature Development, and the Modern Mouse Trap
In this session we’ll look at how to go beyond the out-of-box IPS solution and customize protection to your environment -- tailored to your data and threats.
- BRKSEC-3050 Troubleshooting Remote Access SSL VPN in BYOD Scenarios
In this session, you will learn numerous tips and best practices when troubleshooting problems related to SSL VPN and Secure Mobility. This session is designed for networking and security professionals who have deployed or are planning to deploy remote access SSL VPN solutions.
- BRKSEC-3051 -- Troubleshooting GETVPN Deployments
This session presents techniques and tools for troubleshooting Group Encrypted Transport (GETVPN).
- BRKSEC-3061 -- Detect and Protect Against Security Threats, Before It’s Too Late!
This session will provide details about the current threat landscape and how these threats are evolving in the future.
- BRKSEC-3066 -- How we parse the threat environment with the Sourcefire VRT team
This session covers the contemporary threat landscape in plain English and how primary vulnerability research and intelligence is the foundation for security effectiveness.
- BRKSEC-3770 -- Advanced -- Don’t be a phish: deep dive into e-mail authentication techniques
This advanced session will provide an in-depth review of SPF, DKIM and DMARC, the prevalent message authentication techniques, and how Cisco Email Security products can utilize them
There are two 90-minute panel discussions in the Security technology track:
- PNLSEC-2001 -- Securing a Service Provider Provided Network (Panel)
If you are a security professional and work for a company that outsources your network (either all or portions), what questions should you be asking your provider?
- PNLSEC-2002 -- Identifying and Resolving Challenges to Network Security Policies and Incident Response (Panel)
This panel discussion will feature Security professionals from Cisco and large US Enterprise and Government customers discussing the greatest security policy challenges that they have encountered in the past 18 months and strategies they used to overcome these challenges.
Product or Solutions Overviews
There are three 1-hour product or solutions overviews in the Security technology track:
- PSOSEC-2001 -- BYOD: Management and Control for the Use and Provisioning of Mobile Devices
This session discusses key considerations and Cisco’s end-to-end BYOD architecture through mobile device identification, user authentication, device registration, certificate & supplicant provisioning, and self-serve device revoking.
- PSOSEC-2002 -- Identity Services Engine
This session will provide an update on the latest updates and innovations with the Cisco Identity Services Engine, and the Secure Unified Access System.
- PSOSEC-2003 -- Key Security Measures to Enable Next-generation Data Center Transformation
This session will focus on key security measures that executives and data center teams can leverage to enable data center innovation and to move the business forward quickly.
You can register and find all the information at Cisco Live and follow Cisco Live on Twitter, Facebook , Google+, LinkedIn and Flickr for the latest updates and information on upcoming events. You can also access the free content from previous Cisco Live presentations at Cisco Live online.
Add us to your Cisco Live San Francisco schedule, and we’ll see you there!
Tags: ASA, byod, cisco live, Cisco Live US, Cisco Live! 2014, Cloud Computing, cybersecurity, data security, firewall, IoT, malware, mitigations, network security, Network Threat Defense, psirt, security, security training, training, vpn