BEGIN:VCALENDAR VERSION:2.0 PRODID:Events Booking BEGIN:VEVENT UID:69d3bf09cf5f4 SUMMARY:Bechtle Bremen Secure Access Deep Dive V1 DESCRIPTION:Solution Overview Modern organizations like PseudoCo face inc reasing challenges in deploying consistent security policies across their hybrid environments\, encompassing headquarters\, data centers\, branches\ , and remote users. The evolving threat landscape\, distributed workforce\ , and the complexity of rapidly onboarding new locations\, users\, and dev ices often lead to inconsistent policy enforcement and dangerous visibilit y gaps. PseudoCo recognized that when their users and IoT devices move b etween locations—from office to home or branch to cloud—inconsistent p olicy enforcement created dangerous visibility gaps\, leaving their securi ty teams blind to threats as policies failed to follow users in real-time. To address these critical security and access challenges\, PseudoCo has decided to deploy Cisco SASE with Cisco Secure Access and Duo\, aiming to achieve the best in Zero Trust Access. This lab provides a hands-on exper ience in configuring and validating such a solution. What is Cisco Secur e Access  Cisco Secure Access is a comprehensive Zero Trust Access solu tion designed to provide secure\, identity-based access to private applica tions and resources\, regardless of user location or device. It ensures th at security policies are consistently applied and follow users in real-tim e\, eliminating visibility gaps and enhancing overall security posture. Fo r PseudoCo\, Cisco Secure Access is the cornerstone of their strategy to o vercome the complexities of securing a distributed workforce and hybrid IT infrastructure. What it delivers Cisco Secure Access delivers a unifi ed approach to security and access\, enabling organizations like PseudoCo to implement: Consistent Security Policy Enforcement: Deploy and en force uniform security policies across diverse environments\, including he adquarters\, data centers\, branches\, and for remote users\, ensuring tha t security travels with the user and device.  Enhanced Visibility and C ontrol: Eliminate dangerous visibility gaps by ensuring policies follow users in real-time\, providing security teams with continuous insight into access patterns and potential threats. Simplified Onboarding: Streaml ine the process of onboarding new locations\, users\, and devices rapidly and securely\, reducing operational overhead. Zero Trust Access: Imple ment a robust Zero Trust framework where every access request is verified\ , minimizing the attack surface and protecting critical private applicatio ns. Secure Connectivity: Provide secure and optimized connectivity for remote users to private applications hosted in data centers\, improving u ser experience while maintaining stringent security.  What You Will Learn In this guided\, hands-on course\, you will explore how to design\ , deploy\, and validate a modern Zero Trust Access solution using Cisco Se cure Access\, specifically tailored to PseudoCo's needs. You will learn: How to onboard private data center routers and create Network Tunnel G roups (NTGs). How to deploy and configure Resource Connectors to enable secure access to private applications.  How to integrate Active Directo ry and Duo Security with Secure Access for identity-based access control. How to implement SAML-based authentication for Zero Trust proxy workflow s. How to configure device posture profiles\, private resources\, and ac cess policies that follow users and devices based on Identity. How to va lidate route propagation\, tunnel health\, and user access through CLI and dashboard tools.  How to integrate ThousandEyes for performance visibi lity. Explore Key Features During this lab\, you will actively conf igure and explore key features of Cisco Secure Access that PseudoCo is lev eraging to secure their environment: Network Tunnel Groups (NTGs):  You will learn to establish secure tunnels from PseudoCo's private data ce nter to Cisco Secure Access\, enabling secure access to internal applicati ons.  Resource Connector: Learn to deploy and configure Resource Connec tors to provide secure\, policy-driven access to private applications in P seudoCo’s environment. Identity-Based Access Control: Experience int egrating PseudoCo's existing Active Directory with Duo Security and Cisco Secure Access to enforce granular access policies based on user identity a nd multi-factor authentication. SAML-based Authentication: Implement S AML for seamless and secure authentication workflows\, critical for Pseudo Co's Zero Trust proxy model. Device Posture Profiles: Configure polici es that assess the security posture of PseudoCo's user devices\, ensuring only compliant devices can access sensitive resources.  Dynamic Access Policies: Create and test access policies that dynamically adjust based on user identity\, device posture\, and application\, ensuring consistent security as PseudoCo's users move between locations. ThousandEyes Integr ation: Understand how to integrate ThousandEyes to gain end-to-end visib ility into the performance and availability of PseudoCo's applications and network paths through Secure Access. Customer Business Outcomes Up on completing this lab\, you will understand how PseudoCo achieves signifi cant business outcomes through their Cisco Secure Access deployment\, incl uding:  Enhanced Security Posture: A robust Zero Trust architectur e that consistently protects PseudoCo's private resources from evolving th reats. Operational Efficiency: Streamlined security management and red uced complexity in securing a hybrid and distributed environment. Improv ed User Experience: Seamless and secure access for PseudoCo's remote and branch users to critical applications\, fostering productivity. Regulat ory Compliance: The ability to enforce consistent policies helps PseudoC o meet compliance requirements across their global operations.  Reduced Risk: Minimized visibility gaps and proactive threat detection through real-time policy enforcement and integrated monitoring. Lab Requireme nts To complete this lab\, you will need a laptop or desktop\, a mobile phone\, and the Duo Mobile app. Attendees will be provided with all nece ssary access and environments for this hands-on lab: Full admin acces s to a virtual data center environment deployed in one of Cisco's dCloud D ata Center locations. This environment will simulate PseudoCo's own infras tructure. Full access to a unique Cisco Secure Access organization\, rep resenting PseudoCo's Secure Access implementation. These Secure Access Org s are fully provisioned to be configured for infrastructure in any Secure Access region. Basic understanding of networking concepts and security p rinciples is recommended.  You will act as both a Security Administrato r and an End-User for PseudoCo during this lab. You will be given step-b y-step guided tasks using virtual lab infrastructure\, performing CLI veri fication\, dashboard workflows\, and real-world attack simulation scenario s. If you are unsure which dCloud Data Center your lab infrastructure is located in\, please check with your proctor. Components  This lab focuses on the integration and configuration of the following key Cisco a nd related technologies for PseudoCo's Zero Trust Access solution: Ci sco Secure Access: The core Zero Trust Access platform. Cisco Duo Secu rity: For multi-factor authentication and identity-based access policies . Cisco SASE: The broader Secure Access Service Edge framework that Ci sco Secure Access is part of.  Active Directory: PseudoCo's existing identity provider for user authentication. ThousandEyes: For network a nd application performance monitoring and visibility. Private Data Cente r Routers: Representing PseudoCo's on-premises network infrastructure. Recommendation Attendees will connect to a unique Cisco Secure Acces s organization\, which acts as the policy enforcement point. It is recomme nded that Tunnels\, IP Pools\, and VPN configurations are set up in the Se cure Access region closest to the dCloud Data Center virtual data center e nvironment you are using\, optimizing connectivity between PseudoCo's simu lated private resources and the Secure Access cloud. This setup allows for hands-on configuration of secure connectivity between remote users and pr ivate applications within PseudoCo's secure data center.   LOCATION:Germany DTSTART:20260219T030000Z DTEND:20260219T220000Z DTSTAMP:20260209T144118Z ORGANIZER;CN=Cisco Security Workshops:MAILTO:no-reply@ciscosecurityworkshop .com GEO:51.163818;10.447831 X-APPLE-STRUCTURED-LOCATION;VALUE=URI;X-ADDRESS=Germany;X-APPLE-RADIUS=72;X -TITLE=Germany:51.163818;10.447831 END:VEVENT END:VCALENDAR