We provide virtual course about SAUI: Implementing Automation for Cisco Security Solution. The Implementing Automation for Cisco Security Solutions (SAUI) course teaches you how to design advanced automated security solutions for your network.
Course description:
This course will teach you when to use the API for each Cisco security solution to drive network efficiency and reduce complexity. Through a combination of lessons and hands-on labs, you will master the use of modern programming concepts, RESTful application program interfaces (APIs), data models, protocols, firewalls, web, Domain Name System (DNS), cloud, email security, and Cisco® Identity Services Engine (ISE) to strengthen cybersecurity for your web services, network, and devices.
You will learn to work within the following platforms: Cisco Firepower® Management Center, Cisco Firepower Threat Defense, Cisco ISE, Cisco pxGrid, Cisco Stealthwatch® Enterprise, Cisco Stealthwatch Cloud, Cisco Umbrella®, Cisco Advanced Malware Protection (AMP), Cisco Threat grid, and Cisco Security Management Appliances.
Course objectives:
After completing this course you should be able to:
• Describe the overall architecture of the Cisco security solutions and how APIs help enable security
• Know how to use Cisco Firepower APIs
• Explain how pxGrid APIs function and their benefits
• Demonstrate what capabilities the Cisco Stealthwatch APIs offer and construct API requests to them for configuration changes and auditing purposes.
• Describe the features and benefits of using Cisco Stealthwatch Cloud APIs
• Learn how to use the Cisco Umbrella Investigate API
• Explain the functionality provided by Cisco AMP and its API
• Describe how to use Cisco Threat Grid APIs to analyze, search, and dispose of threats
Course content:
Module 1 - Introducing Cisco Security APIs:
• Role of APIs in Cisco Security Solutions
• Cisco Firepower, Cisco ISE, Cisco pxGrid and Cisco Stealthwatch APIs
• Use Cases and Security Workflow
Module 2 - Consuming Cisco Advanced Malware Protection APIs:
• Cisco AMP Overview
• Cisco AMP Endpoint API
• Cisco AMP Use Cases and Workflows
Module 3 - Using Cisco ISE:
• Introducing Cisco Identity Services Engine
• Cisco ISE Use Cases
• Cisco ISE APIs
Module 4 - Using Cisco pxGrid APIs:
• Cisco pxGrid Overview
• WebSockets and STOMP Messaging Protocol
Module 5 - Using Cisco Threat Grid APIs:
• Cisco Threat Grid Overview
• Cisco Threat Grid API
• Cisco Threat Grid Use Cases and Workflows
Module 6 - Investigating Cisco Umbrella Security Data Programmatically:
• Cisco Umbrella Investigate API Overview
• Cisco Umbrella Investigate API: Details
Module 7 - Exploring Cisco Umbrella Reporting and Enforcement APIs:
• Cisco Umbrella Reporting and Enforcement APIs Overview
• Cisco Umbrella Reporting and Enforcement APIs: Deep Dive
Module 8 - Automating Security with Cisco Firepower APIs:
• Review Basic Constructs of Firewall Policy Management
• Design Policies for Automation
• Cisco FMC APIs in Depth
• Cisco FTD Automation with Ansible
• Cisco FDM API In Depth
Module 9 - Operationalizing Cisco Stealthwatch and the API Capabilities:
• Cisco Stealthwatch Overview
• Cisco Stealthwatch APIs: Details
Module 10 - Using Cisco Stealthwatch Cloud APIs:
• Cisco Stealthwatch Cloud Overview
• Cisco Stealthwatch Cloud APIs Deep DIve
Module 11 - Describing Cisco Security Management Appliance APIs:
• Cisco SMA APIs Overview
• Csico SMA API
Labs:
• Veeam Backup & Replication v12: Configure, Manage – virtual
• Query Cisco AMP Endpoint APIs for Veerifying Compliance
• Use the REST API and Cisco pxGrid with Cisco Identity Services Engine
• Construct a Python Script Using the Cisco Threat Grid API
• Query Security Data with the Cisco Umbrella Investigate API
• Generate Reports Using the Cisco Umbrella Reporting API
• Explore the Cisco Firepower Management Center API
• Use Ansible to Automate Cisco Firepower Threat Defense Configuartion
• Automate Firewall policies Using the Cisco Firepower Device Manager API
• Automate Alarm Policies and Create Reports Using the Cisco Stealthwatch APIs
• Construct a Report Using Cisco Stealthwatch Cloud APIs
• Construct Reports Using Cisco SMA APIs
Target audience:
Individuals looking to use automation and programmability to design more efficient networks, increase scalability and protect against cyberattacks.
Prerequisites:
Attendees should meet the following prerequisites:
• Basic programming language concepts
• Basic understanding of virtualizationAbility to use
• Linux and Command Line Interface (CLI) tools, such as Secure Shell (SSH) and bashw
• CCNP level core networking knowledge
• CCNP level security networking knowledge
Recommended prerequisites:
• DEVCOR - Developing Applications Using Cisco Platforms and APIs
• SCOR - Implementing and Operating Cisco Security Core Technologies
Language:
• English course material, english speaking instructor
Certification:
This course helps you prepare to take exam 300-735 - Automating and Programming Cisco Security Solutions (SAUTO). The 300-735 exam is is one of the concentration exams for the CCNP Security Certification. To obtain the CCNP Security Certification you will also need to take the 300-701 SCOR exam.
After you pass 300-735 SAUTO exam, you also earn the Cisco Certified DevNet Specialist - Security Automation and Programmability certification, and you satisfy the concentration exam requirements for the Cisco Certified DevNet Professional certification.