Module 1: Cisco ACI Software Defined Networking (SDN) Architecture

Objective: Gain comprehensive knowledge of the Cisco SDN Architecture implementation of hardware and software

• Lesson 1: ACI SDN Network Architecture
• Lesson 2: ACI Zero Trust Model and Security constructs
• Lesson 3: ACI Physical Server Integration
• Lesson 4: ACI Security for Physical or Virtual Workloads
• Lesson 5: ACI L3Out external routing

Module 2: Secure Hypervisor integration with Cisco ACI

Objective: Understand the secure integration of leading hypervisors with Cisco Application Centric Infrastructure (ACI)

• Lesson 1: Nutanix AHV (Nutanix Acropolis Hypervisor)
• Lesson 2: VMware ESXi and vCenter
• Lesson 3: Microsoft Hyper-V with System Center Virtual Machine Manager (SCVMM)
• Lesson 4: Red Hat OpenStack
• Lesson 5: Google Kubernetes
• Lesson 6: Kernel-based Virtual Machine (KVM)

Module 3: Cisco ACI Native Access Control

Objective: Explore, configure, and evaluate all the native Cisco ACI access control mechanisms

• Lesson 1: ACI L4-L7 Service Graph
• Lesson 2: ACI Service Graph Template
• Lesson 3: Concrete Object
• Lesson 4: Service Chaining with multiple highly available devices
• Lesson 5: Managed vs Unmanaged L4-L7 ACI Integration
• Lesson 6: Integrating Cisco ASAv
• Lesson 7: Transparent vs Routed Mode Security Device Integration
• Lesson 8: Contracts to insert security services into ACI
• Lesson 9: L3Out routing integration with security devices

Module 4: Cisco ACI and NGFW Integration

Objective: Develop skills in understanding the value and approach of Cisco ACI and NGFW integration

• Lesson 1: Next Generation Firewall (NGFW) Integrated Security Architecture
• Lesson 2: Cisco Secure Firewall Management Center (FMC)
• Lesson 3: Cisco Secure Firewall Threat Defense Virtual (formerly FTDv/NGFWv) and Cisco Secure Firewall Management Center (FMC) enabling on Nutanix AHV
• Lesson 4: Firepower Management Center Endpoint Update App for the Cisco Application Centric Infrastructure (ACI)
• Lesson 5: NGFW Routed, switch, or inline interface mode
• Lesson 6: ACI L4-L7 Policy Based Redirect (PBR) to security service
• Lesson 7: ACI PBR for micro-segmentation
• Lesson 8: Extend PBR security services to ACI Multi-Pod
• Lesson 9: Cisco NGFW zone-based policies in FMC
• Lesson 10: Threat detection with Cisco intrusion detection systems (IDS) to ACI Insertion
• Lesson 11: Threat detection with Cisco intrusion prevention systems (IPS) to ACI Insertion
• Lesson 12: Cisco ACI Integration with SPAN for IDS and IPS
• Lesson 13: Distributed Denial of Service (DDoS) Services Insertion
• Lesson 14: Cisco DC App ACI Endpoint Update to push endpoint information to the ASA or FMC

Module 5: Application Policy Infrastructure Controller (APIC) Security and Hardening

Objective: Learn the method of adding security to the APIC for all management and programmatic functions

• Lesson 1: APIC Hardening
• Lesson 2: APIC Northbound Protocols
• Lesson 3: APIC Northbound Authentication
• Lesson 4: ACI Role-Based Access Control (RBAC) for secure access
• Lesson 5: Audit logs for ACI changes
• Lesson 6: Certificate-based authentication
• Lesson 7: Two-factor authentication

Module 6: Administering Physical ACI Security

Objective: Master the administration of ACI Physical Security

• Lesson 1: Remote Leafs
• Lesson 2: MACsec on ACI leafs
• Lesson 3: Enabling 802.1x on ACI leafs
• Lesson 4: NXOS Image signing and verification

Module 7: Cisco ACI Multidomain Security

Objective: Develop skills in understanding the value and approach of Cisco ACI and VMware NSX integration

• Lesson 1: Trustsec Policy Domain
• Lesson 2: Cisco Identity Services Engine (ISE) for a cohesive security policy
• Lesson 3: Trustsec Security Group to ACI External EPG security translation
• Lesson 4: Stealthwatch and ACI Integration
• Lesson 5: Cisco ACI and Cisco Secure Workload Integration
• Lesson 6: Cisco ACI and Cisco Secure Workload Rapid Threat Containment