Cisco ARCH 2.0: Security Services Design

This course is included in our On-demand training solution.


To recognize design considerations for firewalls, NAC appliances, and intrusion detection and prevention systems

Target Audience

Designing Cisco Network Service Architectures (ARCH 2.0) is the recommended training for individuals seeking the Cisco Certified Design Professional (CCDP) and the Cisco Certified Design Expert (CCDE) certifications. Designing Cisco Network Service Architectures is also recommended for individuals who design complex enterprise network architectures, including Network Analysts, Network Consultants and System Engineers


The knowledge and skills contained in the Interconnecting Cisco Network Devices Part 1 (ICND1), Interconnecting Cisco Network Devices Part 2 (ICND2) Designing Cisco Internetwork Solutions (CCDA), Building Scalable Cisco Internetworks (BCSI), and Building Cisco Multilayer Switched Networks (BCMSN) learning paths; Learners should also complete the following courses or have the equivalent experience in Implementing Secure Converged WANs (ISCW) and Optimized Converged Cisco Networks (ONT); a good understanding of Cisco VoIP and BGP is also recommended

Expected Duration

120 min.

Course Objectives

Cisco ARCH 2.0: Security Services Design

  • identify factors to consider when designing firewalls.
  • recognize how private VLAN can be used to provide security in the enterprise campus.
  • recognize NAC Appliance components, terminology, and deployment options.
  • identify the features of common NAC appliance designs and the NAC framework.
  • determine a design for an NAC appliance deployment in a given scenario.
  • recognize the features of IPS, the considerations for using IPS/IDS, and deployment options for IPS appliances.
  • recognize considerations for designing IDS/IPS Services for enterprise networks.