Course Overview
Module 1: Cisco Secure Workload Firewall Agent
- How the Cisco Secure Workload Firewall Agent Enforces Firewall Rules
- Deploying and Managing Linux Enforcement Agents
- Deploying and Managing Windows Enforcement Agents
- Deploying and Managing AIX Enforcement Agents
Module 2: Cisco Secure Workload Enforcement Agent Components, Messaging, and Interaction
- Enforcement Front End
- Firewall and Catch-all Rules
- The Preserve Rules Option
- Agent Config Intents
- Stateful Enforcement
Module 3: Enforcement Agent UI Configurations and Troubleshooting
- Agent UI Configuration
- Monitoring Agents
- Platform Specific Enforcement Features and Requirements
- Known Limitations
- Troubleshooting Inbound and Outbound Firewall Rules
Module 4: Secure Connector, Edge and Ingest Appliances
- Secure Connector Overview
- Secure Connector features and configuration
- Edge Appliance Overview
- Edge Appliance configuration
- Ingest Appliance Overview
- Ingest appliance features and configurations
Module 5: Application Dependency Mapping
- Application Management Workflow Cycle
- Application Insight
- ADM Process
- ADM Run Results
- Cluster Confidence
Module 6: Cisco Secure Workload Policy Analysis
- Enable Policy Analysis
- Live Policy Analysis
- Backdated Policy Experiments
- Quick Policy Analysis
- Diagnosis Using Policy Analysis
Module 7: Cisco Secure Workload Analytics Policy Enforcement Overview
- Policy Global Ordering & Conflict Resolution
- Scope Priorities
- Troubleshooting Policy Enforcement
Module 8: Cisco Secure Workload Flow Search
- Understanding the Flow Corpus
- Using Scopes to Filter Results
- Searching with Conjunctions
- Correlating Flow Data with Hosts and Processes
- Leveraging Annotations
Module 9: Using Secure Workload Forensics
- Forensic Signals
- Configuring Forensics
- Forensics Visualization and Alerts
- Forensics Scoring
- Network and Process Hash Anomaly Detection
Module 10: Cisco Secure Workload Apps and API
- App Store
- User Apps
- Visualize Data Sources
- Bring your own Data
- OpenAPI
Lab Outline:
Labs are designed to assure learners a whole practical experience, through the following practical activities:
Lab 1: Cisco Secure Workload GUI Familiarization
- Task 1: Log in to Cisco Secure Workload and Explore the Security Dashboard
- Task 2: Explore the Visibility Dashboard
- Task 3: Explore the Visibility Flow Search Options
- Task 4: Explore the Visibility Inventory Search Options
Lab 2: Software Agent Installation
- Task 1: Configure Agent Intents
- Task 2: Install the Enforcement Agent for Linux
- Task 3: Install the Enforcement Agent for Windows
- Task 4: Monitor Enforcement Agent Status
Lab 3: Importing Context Data
- Task 1: Upload User-Defined Annotations
- Task 2: View User-Defined Annotations
- Task 3: Search by User-Defined Annotations
Lab 4: Scopes
- Task 1: Navigate Scopes
- Task 2: Create a Scope
- Task 3: Edit a Scope
Lab 5: Application Dependency Mapping with Agents
- Task 1: Create an Application Workspace
- Task 2: Examine Conversations
- Task 3: Examine Endpoint Clusters
- Task 4: Create an Application View
Lab 6: Implementing Policy
- Task 1: Gather IP Address Information
- Task 2: Create the Server Load Balancing Information File
- Task 3: Create an Application Workspace
- Task 4: Review Day 0 and Automated Policies
Lab 7: Policy Enforcement and Compliance
- Task 1: Enable Policy Enforcement and Compliance
- Task 2: Test Policy Enforcement and Compliance
- Task 3: Monitor and Troubleshoot Policy Enforcement Status and Compliance
Lab 8: Workload Security
- Task 1: Review Packages and CVE Reports
- Task 2: Review Policy Enforcement
- Task 3: Review Rule Order and Efficiency
Lab 9: Secure Connector, Edge and Ingest Appliances
- Task 1: Review Secure Connector deployment and configurations
- Task 2: Review Edge and Ingest Appliance deployment and configurations
