This course provides an overview of the IoT enabled industrial verticals (manufacturing, energy, O&G, utilities, process control), architectures, and IIoT security requirements, frameworks, and regulations. Security protocols, vulnerabilities, and the process of securing against the vulnerabilities are examined in depth and practiced in the hands-on lab environment. We suggest students who wish to take this course are well-versed in IP Networking Basics, OT Networking Basics, and Network Security Basics, with an IINS or CCNA Security equivalent. For more detailed information regarding this Cisco Security training course, you can find course objectives and recommended student-types below.
Prerequisites:
The knowledge and skills that a learner should have before attending this course are as follows:
- IP Networking Basics: INICS, ICND1 equivalent
- OT Networking Basics: ICINS, IMINS or IMINS2
- Network Security Basics: IINS or CCNA Security equivalent
Course Objectives:
Upon completing this course, the learner will be able to meet these overall objectives:
- Understand the convergent enterprise and industrial IoT architecture, components and applications
- Contrast enterprise IT vs. industrial OT security
- Define layered security requirements from the network edge to the core, and from access to applications layer
- Protect endpoints, communications as well as data at rest and in motion
- Compliance to standards and regulations and auditing
- Understand protocols, applications and IPv6 for IIoT
- Identify vulnerabilities and threat
- Familiarize with common implementation issues
- Assess, monitor and detect vulnerabilities
- Walk through IIoT attacks
- Adopt best practices in design principles and process for securing and segmenting IIoT networks
- Application of the converged security model for the broader industry: manufacturing, utilities, transportation, O&G
- Secure and monitor/detect the IIoT framework with next generation security products and tools
Course Outline:
- Lesson 1: Describing Converged Enterprise and Industrial IoT Networks, Architectures, and Frameworks
- Lesson 2: Describing Industrial IoT Network Security Requirements
- Lesson 3: Describing Protocols Used in Converged Enterprise and Industrial IoT Networks
- Lesson 4: Analyzing IoT Vulnerabilities
- Lesson 5: Exploiting Vulnerabilities in Industrial IoT Networks
- Lesson 6: Describing the Process of Securing Industrial IoT Networks
- Lesson 7: Hardening Devices in Industrial IoT Networks
- Lesson 8: Implementing Network Infrastructure Security in Industrial IoT Networks
- Lesson 9: Describing the Characteristics of Cisco NGFWs in Industrial IoT Networks
- Lesson 10: Securing Communications in in Industrial IoT Networks Using Basic Cisco NGFW and Cisco NGIPS Features
- Lesson 11: Implementing Advanced Security Features on NGFW and NGIPS in Industrial IoT Networks
- Lesson 12: Using the Cisco TrustSec Solution in Industrial IoT Networks
- Lesson 13: Implementing VPN Solutions in Industrial IoT Networks
- Lesson 14: Describing the Industrial IoT Network Framework and Regulations
- Lesson 15: Bonus Content: Describing Physical Security in Industrial IoT Networks
- Lesson 16: Bonus Content: Monitoring Industrial IoT Networks
Lab Outline:
Labs are designed to assure learners a whole practical experience, through the following practical activities:
- Discovery 1: Explore an Industrial IoT Network
- FASTLab 1: Explore Industrial IoT Network Components and Identify Their Security Requirements
- Discovery 2: Analyze Layer 2 and Layer 3 Network Protocol Traffic in an Industrial IoT Network
- Discovery 3: Analyze Operations Technology Protocol Traffic
- Discovery 4: Explore Assets and Detect Vulnerabilities in an Industrial IoT Network
- Discovery 5: Insert a Rogue Device
- Discovery 6: Implement an Attack Against OT Assets
- FASTLab 2: Analyze Attacks Against IoT Networks
- FASTLab 3: Classify Assets and Identify Relationships Between Assets in Industrial IoT Network
- Discovery 7: Implement Device Hardening on Industrial Network Devices
- Discovery 8: Explore Network Infrastructure Security Features on Cisco Industrial Ethernet Switches
- Discovery 9: Explore Network Infrastructure Security Features on Cisco Industrial Ethernet Switches 2
- Discovery 10: Implement Cisco NGFWs in Routed Mode and in Transparent Mode in an Industrial IoT Network
- Discovery 11: Implement Access Control for Network Segments
- Discovery 12: Implement a Cisco FirePOWER Module with Basic Settings
- Discovery 13: Implement Advanced Access Control and OT Application Inspection for Network Segments
- Discovery 14: Implement IEEE 802.1X on Industrial Switches
- Discovery 15: Implement SGTs on Industrial Switches
- Discovery 16: Implement a Remote-Access VPN to Manage Industrial IoT Networks
- Discovery 17: Explore Industrial IoT Network Components and Identify the Applicable Security Standards and Regulations
The primary audience for this course is as follows:
- Security Engineer
- Security Operations
- Security Analysts
- Systems, Solutions Architects
- System Integrators
- Senior OT Engineers