CSWADV - Cisco Secure Workload Firewall Enforcement Agents, Data Flow Mapping & Advanced Policy Deployment

Cisco Secure Workload Firewall Enforcement Agents, Data Flow Mapping, and Advanced Policy Deployment, CSWADV, is a 5-day course exploring telemetry data, the flows corpus, and how Cisco Secure Workload Firewall Agent provides enforcement. This course will provide the details and hands-on activities necessary to successfully deploy, manage, and troubleshoot policies in Cisco Secure Workload.

Student Testimonials

Instructor did a great job, from experience this subject can be a bit dry to teach but he was able to keep it very engaging and made it much easier to focus. Student
Excellent presentation skills, subject matter knowledge, and command of the environment. Student
Instructor was outstanding. Knowledgeable, presented well, and class timing was perfect. Student

Click here to print this page »


The knowledge and skills that the learner should have before attending this course are as follows:
Knowledge of cloud and (virtual) data center architecture or cloud basic networking concepts
Familiarity with Cisco basic networking security concepts and application security concepts
High-level familiarity with basic telemetry protocols and Big Data analytics

Detailed Class Syllabus

Module 1: Cisco Secure Workload Firewall Agent

How the Cisco Secure Workload Firewall Agent Enforces Firewall Rules
Deploying and Managing Linux Enforcement Agents
Deploying and Managing Windows Enforcement Agents
Deploying and Managing AIX Enforcement Agents

Module 2: Cisco Secure Workload Enforcement Agent Components, Messaging, and Interaction

Enforcement Front End
Firewall and Catch-all Rules
The Preserve Rules Option
Agent Config Intents
Stateful Enforcement

Module 3: Enforcement Agent UI Configurations and Troubleshooting

Agent UI Configuration
Monitoring Agents
Platform Specific Enforcement Features and Requirements
Known Limitations
Troubleshooting Inbound and Outbound Firewall Rules

Module 4: Secure Connector, Edge and Ingest Appliances

Secure Connector Overview
Secure Connector features and configuration
Edge Appliance Overview
Edge Appliance configuration
Ingest Appliance Overview
Ingest appliance features and configurations

Module 5: Application Dependency Mapping

Application Management Workflow Cycle
Application Insight
ADM Process
ADM Run Results
Cluster Confidence

Module 6: Cisco Secure Workload Policy Analysis

Enable Policy Analysis
Live Policy Analysis
Backdated Policy Experiments
Quick Policy Analysis
Diagnosis Using Policy Analysis

Module 7: Cisco Secure Workload Analytics Policy Enforcement Overview

Policy Global Ordering & Conflict Resolution
Scope Priorities
Troubleshooting Policy Enforcement

Module 8: Cisco Secure Workload Flow Search

Understanding the Flow Corpus
Using Scopes to Filter Results
Searching with Conjunctions
Correlating Flow Data with Hosts and Processes
Leveraging Annotations

Module 9: Using Secure Workload Forensics

Forensic Signals
Configuring Forensics
Forensics Visualization and Alerts
Forensics Scoring
Network and Process Hash Anomaly Detection

Module 10: Cisco Secure Workload Apps and API

App Store
User Apps
Visualize Data Sources
Bring your own Data