Course Length: 10 weeks (80 hours) CCIE Instructor-led, hands-on lab training

[Request more information about this course]
See schedule

[Download CCIE Security brochure]

CCIE Security Tuition: $3,950

Current Retake Policy: Students are granted the following retake option (assuming the same course)

a. retake once within six months: free

b. retake between six months and 1-1/2 year: pay 50% of the tuition

c. retake between 1-1/2 and 2 years: pay 75% of the tuition

Important Note: Passing an Entrance Exam administered by TCY is required. The cost of the exam is $50 each (the last successful exam fee will be credited towards the tuition) This is to ensure that all the prospective students possess the proficiency neccesary to tackle the rigors of the CCIE training. The entrance exam is a 60-minute hands-on lab exam. The maximum possible point total is 100. The passing score is 60. The exam will be graded by the CCIE instructor.

As preparation, TCY offers a post-CCNP/pre-CCIE course named Troubleshooting IP Routing Protocols. It is a 4-week, 32-hour course. Students are encouraged to take this course as preparation for the CCIE course.

Please contact John for more details.

Hardware: supported by eight (8), fully-loaded CCIE racks (each rack has a with full complement of devices including terminal server, 6 routers, Catalyst 3550 L2/L3 switch, Frame Relay Switch, PIX Firewall, etc. Free Remote Access time slots available to students!

Topics to be Covered:
I. Bridging and Switching 
frame relay; Catalyst VLAN; Catalyst VTP; Port-VLAN
assignments; Basic ATM configuration; Catalyst mgt & 
security; 802.1x; Traffic control & congestion mgt; 
Catalyst features and advanced configuration

II. IGP Routing 
OSPF, EIGRP & RIP configurations and security; PIX 
routing; VPN3000 routing

III. PIX Firewall
PIX configuration; management; address translation(NAT
Global, static); ACL, conduit; routing; object groups, 
VLANs; AAA; VPN; DHCP; PPPoE; Filtering.

IV. BGP
Basic IBGP, EBGP & BGP backbone configurations*;
BGP security; Summarization, filtering 

V. IP/IOS Features
IP Services; QoS; NAT/PAT; NTP; DHCP;SNMP; IOS
Features and user interfaces; Avanced IP/IOS features

VI. IP and IOS Features 
IP addressing , DHCP, HSRP, IP services, Mobile IP; 
IOS user interfaces; System management; NAT NTP; 
SNMP; RMON; Accounting

VII. AAA
Tacacs+; Radius, Switch and router mgt; PIX management; VPN3000 mgt; Proxy authenticate; Service authenticatio FTP, telnet, HTTP.
VIII. VPN
IPSec LAN-to-LAN (IOS/PIX/VPN3000) DMVPN; Pre-shared; CA(PKI); remote access VPN; VPN3000 concentrator; WebVPN; Xauth, split-tunnel, RRI, NAT-T; high availability; Ipsec redundancy; QoS for VPN; GRE, mGRE, L2TP

IX. IOS Firewall
CBAC, Audit, Auth Proxy, PAM, Access control, performance tunning, advanced IOS firewall feature

X. Advanced Security
DoS/DDoS attacks; Network/ Host attacks; Packet marking techniques; Mitigation techniques; Security RFCs; Service provider security; Black holes, sink holes; Access lists; Lock-and-Key access-list Reflexive access-list; TCP intercept; uRPF; CAR 
NBAR; Netflow; 802.1x;PBR;Flooding; Spoofing 
Policing; Fragmentation; Sniffer traces
XI. Intrusion Detection System
IDS sensor appliance 42XX; Sensor configuration 
Signature tuning; Shunning; TCP resets; Sensor features; IEV;IOS IDS; PIX IDS; SPAN, RSPAN