BlueCat E-learning Curriculum

Whether you just need some knowledge gaps filled or want to learn some new skills, check out our curriculum — covering everything from DNS basics to the hard stuff.

 

 
Learning Path Course Topics
INTEGRITY STREAM
Integrity Essential Training
Introduction to Integrity


Overview

What is Integrity: DDI, DNS, DHCP, IPAM, BAM, BDDS

BAM Object Model & Configuration: Inheritance, unique IPv4/IPv6 address space, multiple configurations

How Deployment Works: Deployment Roles and options, zone transfer

Data Management & Built-in Automation: Centralized point of management, create/control DHCP service settings, inheritance, links related records, data verification, Distributed Deployment, BAM API, Network Templates, Zone Templates, IPAM Modelling tools, Gateway workflows and Adaptive Apps and Plugins

Protecting Data with Redundancy & Security: XHA (Crossover High Availability), Anycast DNS, DNS Zone transfers, DHCP Failover, Automatic Continual Service Protection, Database replication, redundant servers, Threat Protection with Security Feed, DNSSEC, Systems Hardening, Identity and Access Management (IAM) with SAML-based SSO and OAuth 2.0 and federated identity

Monitoring, Tracking, Reporting & User Access Rights: Monitoring Service, SNMP MIBs and Traps, syslog redirection, Event List, Transaction History, Reports, Event Notification, User Accounts, Workflow Change Requests

Navigating in Address Manager: Login, My IPAM Page, Widgets, Dashboard, Main Navigation, Primary tabs, Configuration-specific tabs, Configuration selector, Global tabs, Secondary tabs, Breadcrumbs, Child Objects, Table View, Filters, UDF (User Defined Field), Customize Table, Tree View, DNS, Servers, Devices, TFTP, Groups, Administration, Quick Search, Advanced Search, Data Restore, Help, Change Password

Automating with Gateway: workflows, Adaptive Applications, Cloud Discovery & Visibility for AWS, Azure & Google Cloud, Global Server Selector, Device Registration Portal, Overlay for Microsoft, Adaptive Plugins

Review

IPv4 Address Management

Overview

Blocks and Networks: block definition, assignments, inheritance, network definition, assignments, Object Type Information, nestable, user-defined fields (UDFs), Child Objects

Creating Blocks and Networks: Add a Block, object page, range link, breadcrumbs, Show Names in Breadcrumbs, split a block, Create Partitions, Data Check, create a network, Custom Gateway, Default Gateway, delete network (any object)

Modelling Blocks and Networks: Resize block or network, restrictions with resizing, split block, split network, Preserve Gateway, Default Gateway per Network, Network List, Move Blocks and Networks, Tree View

Grouping Blocks and Networks: Add a Parent Block, Merge blocks, Merge Selected, Merge Networks, restrictions with merging networks, Merge with Parent blocks or networks

Managing IP Space: Find First Available IPv4 Block, reuse existing unused ranges, Find First Available Network, IP Space Use Statistics, Usage by IP Allocation, Usage by Network Allocation, Define IP Space Statistics Settings

IPv4 Address Types and Allocations: Network ID, Broadcast Address, Gateway Address, Editing Gateway Address, Manually Assigned IP Address Types, Static, Reserved, DHCP Reserved, Dynamically Assigned IP Address Types, Assigning IP Addresses, Standalone PTR records, Duplicate Name Check, Ping Before Assign, Change IP Assignment, Clear IP Assignment, Move IPv4 address, Find Next Available IPv4 Address

Review

DHCP Configuration

Overview

DHCP Refresher: IP address pool, DHCP server, DHCP options, lease expiry, lease renewal, DORA process, Discovery, Offer, Request, Acknowledge, leases file, dhcpd.conf, deployment

Steps to Deploy DHCP: four easy steps to create and deploy DHCP

Create a DHCP Range: using IP addresses, using offsets, using offsets and percentage, Split DHCP range, DHCP Alerts, DHCP low watermark, DHCP high watermark, delete range

DHCP Deployment Options: DHCP Client options, DHCP service options, DHCP Vendor Options, overrides, Default DHCP options, DHCP Custom Options, DHCP Raw options

DHCP Deployment Roles: Primary, None, Diagnostics, View DHCPv4 Configuration, dhcpd.conf

Resizing and merging DHCP pools: orphaned IPs, convrt to DHCP Reserved, Convert to Static, Convert to Unassigned, Merge DHCP ranges

Dynamically Assigned Addresses and Exclusions: DHCP unassigned, DHCP assigned, DHCP free, DHCP reserved, DHCP excluded, DHCP abandoned

DHCP Validation: Configuration level DHCP Validation, Server level DHCP Validation, DHCP Validation log

Review

DNS Fundamentals

Overview

Introduction to DNS: What is DNS and its basic components

DNS Views: What are views, add a view, edit and rename views

DNS Zones: What are zones, Adding a zone, Adding a subzone

Zone File: Get familiar with the parameters of a deployed zone file like directives, origin, SOA, TTL, NS records and resource records

Resource Records: Add different resource records, Host Record, CNAME record, MX records, TXT record and Generic Record

SOA Records: How to add SOA records from deployment options

Reverse DNS & PTR records: what are reverse zones and how to add deployment roles for reverse zone and add PTR Records in forward zone

DNS Redundancy: Learn about redundant architecture, Zone Transfer, TSIG key, Hidden Primary and Stealth Servers, Deployment roles and Deployment option and Server Deployment

Review

Managing DNS Deployment

Overview

DNS Deployment Roles: Primary and Secondary Deployment roles, TTL and zone settings

Types of Deployment: Full Deployment, Differential Deployment and Quick Deployment

DNS Deployment Options: DNS option, DNS raw option and SOA, Allow Dynamic updates, Allow Zone Transfers,Allow notify. SOA option, Refresh Value, Retry Value and Expire Value

Access Control List: Add new ACL, Global ACL Allow recursion, Allow Query and Match Clients, Linked objects to ACL and Delete ACL

Recursive DNS: caching resolvers, Recursion Deployment Role, Allow recursion DNS option and Root hints DNS option

Global Forwarding, Forwarding Zones and Stub Zones: Forwarders, forward first and forward only

DNS Validation: Enable DNS Zone Validation, View DNS log files, Deployment data validation report and Report Schedule to administrators

Review

Server Administration

Overview

BlueCat Servers Set-up: Gen 4 servers, QPS, LPS, Virtual servers, Installation guide

iDRAC Configuration: telemetry streaming; enable NIC

Initial Server Configuration: admin password, IP address assignment, gateway address, host name, name server address, timezone, set date and time

Configuring BAM Services: SMTP, SSH, NTP, Syslog

BAM Global Settings and Configurations: change control comments, user session timeout, disclaimer, breadcrumbs, quick action - last selected IP, additional supported locales - language support, custom reverse zone format, default configuration, add configuration, associate shared network tag group

Managing BDDS: add a BDDS to BAM control, disable a BDDS, replace a BDDS, delete a BDDS from BAM

Review

User Access Management

Overview

User Accounts & Access Types: Authentication System, user accounts, LDAP groups, TACACS+, Administrator and Non administrator levels, Access types, GUI, API, Security Privilege, History Privilege

Authenticators: External authenticators, LDAP Authenticator

Groups: User groups, LDAP groups, TACACS+, SSO groups

Logging in as LDAP User: login in BlueCat Address Manager

Managing Address Manager User: Add, Edit, Lock, Unlock, delete and reset password. View user sessions

Access Rights: Hide, view, change and full access. Access right settings, Default access rights and Administrative Access Rights

Workflow Levels: workflow settings and configurations

Object Audit Trail & Transaction Details: History Privilege, view history list, Transaction details fields and data retention settings

Review

System and Event Monitoring

Introduction

Overview of SNMP: polling, traps, 5 steps to set-up Monitoring in BAM and BDDS

Enabling SNMP on BAM: Polling period, SNMP version, community string, authentication type

Monitoring Service Configuration: Polling interval, SNMP Port, failure detection count

SNMP Polling in Integrity: Polling period, SNMP version, community string, authentication type

System Metrics: CPU Utilization Percentage, Tracking back time, Memory Utilization Percentage, Network Utilization Percentage, Disk Utilization Percentage

SNMP Traps: Network Management System, Trap Server

Notification Groups & Event Level Subscriptions: Trap Group, subscribe to event levels, event level descriptions table, track event notifications

MIBs & OIDs: BlueCat BAM & BDDS MIBs and OIDs

Conclusion

BlueCat Infrastructure Assurance

Introduction to BCIA: BCIA automatically looks for problems in the environment and sends alerts about potential issues before they become events. This module shows the difference between reactive and proactive solutions, and identifies eight core functions of BCIA that enable proactive visibility, alerting and root cause analysis.

Navigating BCIA: Dashboard, Issues and detailed issue reviews, Analysis & Reporting, Devices, Settings and the codified knowledge contained in Indeni Explorer

DNS Professional Training
Managing DNS Views and Zones

DNS multiple views, match clients on DNS views, server queries in a multi-view configuration, and configure zone templates.

Overview

DNS Multiple Views

DNS Multi-View Configuration Zone Templates

Review

Managing Dynamic DNS (DDNS)

Learn how dynamic DNS works, what is the purpose of using Allow Dynamic Updates deployment option, how to configure secure DDNS updates by TSIG key & create DHXP zone declarations along with DDNS related Deployment options.

Overview

Introduction to Dynamic DNS

Allow Dynamic Updates option

DHCP Zone Declaration

Securing Dynamic Updates using TSIG keys TXT records

Review

DNS Logging

Learn about Syslog and how to view Syslog in the Address manager and at the OS level, query logging and explain the implications of enabling it, a step-by-step walkthrough of configuring a logging channel and reviewing logging channel data.

Overview

Syslog

Query Logging

Logging Channels

Review

DNS Activity

A new feature in Integrity- DNS activity, highlighting the reasons to use DNS activity, how it is different from query logging, explaining its architecture, and demonstrating ways to configure it in BAM using Splunk, HTTP, and API.

Overview

What is DNS Activity

Why to use DNS Activity

DNS Activity vs. Query Logging

DNS Architecture

Configure DNS Activity in BAM-Splunk

Configure DNS Activity in BAM-HTTP

Configure DNS Activity in BAM-API

Review

Integrity Fundamentals 
- Essential 
Training Path

Advanced IPv4, IPv6 and DHCP Management 

Network Templates and IP Groups: IP Groups, Creating an IP Group in a Network, Network Templates, Access Rights for IP Groups, Creating DHCP Ranges in a Template, Assigning Options in a Network Template, Assigning a Network Template (x2), Re-applying a Network Template, Unlinking/Deleting a Template.

Managing the IPv6 Address Space: IPv6 Management, IPv6 Addressing are 128-bits Long, Abbreviating IPv6 Addresses, Global and Local Address Spaces, Creating Global Blocks, Creating a Global IPv6 Network, Creating Unique Local Blocks, Creating IPv6 Addresses, Unallocated IPv6 Address, Managing IPv6 Assignments, IPv6 DNS AAAA Records, Dual Stacked Hosts, DHCPv6.

DHCP Advanced Features: Shared Networks, Configuring Shared Networks, Vendor Profiles, Defining a Vendor Profile, Adding Vendor Profile Option Definitions, Assigning Vendor Options, Vendor Encapsulated Options, DHCP Match Classes, Configuring Match Class, MAC Pools, Adding MAC Addresses to a MAC Pool, DHCP Alerts, Configuring DHCP Alerts.

DHCP Failover: DHCP Failover, DHCP Failover - How Does it Work?, Failover Architecture, Pool Re-Balancing, DHCP Failover States, Failover Options, DHCP Failover Deployment Roles, Failover Commands, Active-Active versus Active-Passive

Managing DNS with Integrity

Advanced DNS Concepts: Other DNS Servers, Published Interface, Naming Policy Management, Naming Policy Results, BlueCat Threat Protection and Response Policy Zones, DNSSEC Policy Management.

Active Directory Integration: Active Directory and DNS, Create Active Directory Zones in Address Manager, Allow Dynamic Updates, Configure DC to Update BlueCat DNS, Register Resource Records, Multiple AD Subzones, Registered Resource Records

Integrity Server Management

General Administration: Administration Page, General Section, Global Settings, Additional Global Settings, Multi-Interface Support on Address Manager, Creating Configurations, Switching Between Configurations, System Configuration, Secure Access (HTTPS)  UPDATES AND PATCHES - Obtaining Address Manager Updates, Software Update, Applying the Update, Initialization and Update Process, Dual Boot Partitions, Managing Address Manager Patches, Applying an Address Manager Patch.

Getting the System Ready: Address Manager Administration Console, System User Accounts, Configuring Your Device Settings, Configuring Address Manager Services, Adding BlueCat DNS/DHCP Servers, Configuring BDDS Settings, Additional IP Addresses, Service Configuration Override, Monitoring BlueCat DNS/DHCP Servers, Enabling the Monitoring Service, Monitoring Settings, Server Statistics Widget, DNS and DHCP Server Metrics.

Data Management: Data Checker, Configuring Data Checker, Data Checker Issues, Administration Page - Database Management, Database Replication, Preparing for Replication, Configuring Replication, Replication - Planned Failover, If the Primary Fails, Breaking Replication, Updating Servers in Replication, History Archive and Purge, Database Re0Index, Address Manager Backups, Backup Scheduling Service, Restoring a Backup  USER-DEFINED FIELDS - User-Defined Fields (UDFs x2), Creating User-Defined Fields (x2), Creating Objects with User-Defined Fields, Adding a Column for User-Defined Fields.

Monitoring and Tracking: MONITORING, EVENTS AND HISTORY - Monitoring Address Manager, Configuring Monitoring Parameters, Enabling Monitoring, System Configuration -Metrics Tab, Idrac, Event List, Transaction History (Global), Transaction Details, Searching Transaction History, Searching Recommendations  REPORTS, NOTIFICATIONS GROUPS AND LOGS - Reports, Creating a Report, Scheduling a Report, Emailing Reports, Notification Groups, Subscribing to Event Levels, Deployment Status Events, Address Manager Logs.

Object Tags and Devices: OBJECT TAGS - Object Tags, Creating Tag Groups and Tags, Tagging Objects, Tagging Objects, Viewing Tagged Objects, Searching Using Tags, Results of the Search  DEVICES AND DEVICE TYPES - Device Types, Creating Device Types, Devices, Adding a Device

IP Discovery and Reconciliation

Introduction: Introduction to Discovery and IP Reconciliation, How Discovery Works, LAYER 3 Discovery, Layer 3 Discovery, Layer 2 Discovery, Ping Sweep, Best Practices for Running Discoveries, Reconciliation Results 

Configuring Discovery and IP Reconciliation: IP Reconciliation Policy, IP Reconciliation Policy (Configuration Level), IP Reconciliation Policy (IP Block or Network Level), Additional IP Reconciliation Policy Settings, Running a Discovery (x2), Discovery Results, Reconciling Addresses, Networks Created as a Result of Reconciliation

Crossover High Availability (Xha)

Understanding XHA: XHA Overview, XHA Interfaces, Hearbeat, Distributed Replicated Block Device (DRBD), IP Addresses and XHA, Virtual IP Address, Using eth1 for Backbone, Ping Node, Normal Operation, Failover Scenario - eth0 down on Active Node, Failover Scenario - Service Failure on Active Node 

Configuring XHA: Requirements, Potential Issues When Configuring XHA, Configuring XHA, XHA Status - Initializing, XHA Status - Finished Initializing, Show High-Availability CLI Command, Viewing an XHA Pair, XHA Properties  MANAGING XHA - Performing a Manual Failover, Repairing XHA, Upgrading XHA, Breaking XHA, Post Break State, XHA versus DHCP Failover

DNS Security in Integrity

Response Policy Zones: Simulation - Response Policy, Using Wildcards, Results of the RPZ.

BlueCat Threat Protection: Configure Threat Protection, Troubleshooting, Revisiting the Problem

Integrity Updates

Network Data Visualization 

VLAN Tagging: Configuring VLAN Interfaces, Configure VLAN in Address Manager, Standalone PTR Records 

Response Policy Zone Activity: Generating Response Policies, Pre-Deployment Validation, Configuring Pre-Deployment Validation  X509Authentication - Configuring and Enabling X509 Authentication, SSH Discover, IP Reconciliation 

Security Professional Training
Securing DNS Infrastructure

Learn the importance of DNS security and how to identify network threats and correctly set-up your BlueCat DNS infrastructure.

Securing DNS: DNS security, CIA triad goals, DNS components

Types of DNS Security Threats: Types of DNS Attacks, Subtypes and Ways To Prevent DNS Attacks

Securing Address Manager: STIG and PCI Compliance, BlueCat Adherence

HTTPS and SSL Certificates: HTTPs Settings in BAM, Custom/Self-Signed Certificates

Public Key Infrastructure (PKI): Cases of PKI, Encryption, Digital Signatures/Certificates, Certificate Authority (CA), Certificate Chain Order 

Identity Access Management: IAM, Methods of IAM, SSO, OAuth configuration

System Hardening: BlueCat Security, Role of Deployment, Notifications, Address Manager Firewall

Best Practices: BlueCat's Best Practices/Recommendations

Secure DNS Architectures The Four Quadrant Architecture model is BlueCat’s best practice for building DNS Secure Architectures.

Four Quadrant Architecture Model: BlueCat's Best Practice Model, Network Layer, Server Functions, Core Functionality of Each Quadrant

Four Quadrant Architecture Best Practice: Best Practice DNS Implementation

Four Quadrant Architecture in Practice: DNS Setup in a Small Organization, Steps to Improve DNS Security/Performance through Four Quadrant Model
DNSSEC & Advanced DNS This course looks at DNSSEC components and functions, and how to configure it in Integrity.

What is DNSSEC?: How Digital Signatures Authenticate DNS Responses for Integrity/Authenticity, Evolution from DNS Vulnerabilities to DNSSEC's Creation, Use of Public Key Cryptography / Key Pairs to Secure DNS Data, DNSSEC's Pivotal Role (Origin Authentication, Integrity, Denial of Existence Prevention)

DNSSEC Core Requirements and Terminology: Key Requirements for Enabling DNSSEC, Ensuring the Validation of Queries, Roles of Recursive Servers, Responsibilities of Authoritative Servers, Concept of the Chain of Trust, Significance of Public / Private Keys

DNSSEC Resource Records: Fundamental Resource Record Signature (RRSIG), DNSKEY's Contributions to Security with Key Signing Keys (KSKs) / Zone Signing Keys (ZSKs), Delegation Signer (DS) Record in the DNSSEC Chain of Trust, Proof of Non-Existence Records

DNSSEC Responses and Validations: DNSSEC Enabled Response, AD / OK Flags, How an RRSIG is Generated, Validating Resolver to Verify/Validate a DNSSEC Response  

DNSSEC Query Validation Process: Steps Involved for a DNSSEC-Enabled Resolver to Send a Validated Response to a Client, Difference Between a Standard DNS Resolution Process Versus a Resolution Process  

DNSSEC on BlueCat Authoritative: Steps to DNSSEC-Enabled Authoritative BlueCat Servers, Importance of Key Rollovers, Daily Scheduled Deployments, Key-Signing Key (KSK) Updates to the Registrar, Validating that a Server is Sending DNSSEC-Enabled Responses

BlueCat Validating Resolver: Enabling a DNSSEC Validating Resolver on BlueCat BDDS Servers, Difference Between Automatic Validation Versus Using a Configured Trust Anchor with Manual Validation, Process of Manually Configuring Trust Anchors for BlueCat-Managed & External Zones.
Support Provider Fundamentals
Support Provider Linux Toolbox Level One
BlueCat Products and The Linux Toolbox, Working with Linux, File and Directory Management, Change Directories, Print Working Directory, List Directory Contents, Move Files, Copy Files, Symbolic Links (Symlinks), Create A Soft Link/Symbolic Link Between Files and Directories, Text File Basics, Display File Contents, Display the Bottom of a File, Display New Lines of a File, System Input, Output and Redirection, Redirect, Append and Pipe, Combine Two Files, Print to STDOUT, Text File Advanced, Regular Expressions (aka Regex), Search File Contents, Additional Parameters for Grep, Grep and Escape Characters, Colorize Grep Matches, Process Text as Columns, Changing the Delimiter for AWK, Find and Replace File Contents, Network Management, Managing IP Addresses, Managing ARP and Routing Tables, Resource Management, Managing Memory and Processes, View Running Processes, Stop a Running Process
Supporting DNS/DHCP Server

DDS Under the Hood

DNS Service: DNS Configuration Files, The Named.conf Configuration File (x3), The Zone.conf Configuration Files, The Zone .db Files, Two Styles of DNS Zone .db Filenames, DNS Journal Files 

DHCP Service: DHCP Configuration Files, DHCP Config. File (var/state/dhcpd/dhcpd.conf) (x3), The Leases Database File (var/state/dhcpd/dhcpd.leases), Minimum, Maximum and Default Lease Time  SNMP Service - SNMP Config. File (etc/snmp/snmpd.conf), Commonly Polled Objects, BlueCat MIB Files 

AnyCast Service: Quagga, Anycast Configuration Files (etc/quagga/ospfd.conf) (x3), Anycast Configuration Files (etc/quagga/zebra.conf)  FIREWALL SERVICE - Integrity DDS Firewall 

DNS/DHCP Server Log Files: DNS/DHCP System Log, Common Syslog Errors - dhcpd, Common Syslog Errors - named, DNS/DHCP Command Server Log, DNS/DHCP Server Scripts and Shortcuts, DNS/DHCP Server Aliases 

DNS/DHCP Server System Passwords: Resetting the Deployment Password, Resetting the admin Password, Resetting the root Password

Supporting Address Manager

BAM Under the Hood

Deployment Service: Types of Deployment, Common Deployment Configuration and Operation Files, Deployment Process, Full Deployment XML, Differential Deployment XML, Deployment Status 

Notification Service: Notification Queue, Notification Process, Notification Health Check 

Database Service: Database Maintenance, Address Manager Log Files, System Log, Address Manager Server Log (x2), Address Manager Scripts and Aliases, Built-in Application Accounts, Resetting the Address Manager Admin Password 

Providing Support with Datarake Diagnostics
The Datarake Diagnostics Collector, The Datarake Process, Datarake Contents: Platform, Resources, Networking, BlueCat Software, Useful for Troubleshooting, Modify Info Collected by Datarake.sh, How CS Uses Datarake.sh, Datarake Archive Process
Support Provider Linux Toolbox Level Two

Working with Support Tools

SSH: Log into a Remote System

DNS Query Tools: DNS Query Tools, Query a Website or Device to See Info about the Host, Reading the Results of DIG, Variables in the dig header, Display the Name Server of a Domain, Display High-Level DNS Details 

Networking Tools: Read and Write Data across a Network with TCP Only, Port Scanning with Netcat, Address Manager Service Ports, View Packets Moving through an Interface, Refining the Analysis of tcpdump, Examining Packets with Wireshark, Follow the Path of a Packet Between Your Query and a Target Server 

BIND and Named: BIND and Named, Control DNS Functions through the Command Line, View the Status of a Named Device with RNDC Status, Enable and Disable querylogging, Flush Cached Records  SNMP - View the Status of All Network Entities, Object Identifiers and Management Info Bases, Enabling SNMP in the BlueCat Enviornment, Breaking Down the SNMPWalk Command, Reading the Output of an SNMP Walk, Commonly Polled Objects

Working with Customer Success
Customer Care Overview, Divisions of Customer Success, Enterprise Support, Customer Learning, Assisted Upgrade, Professional Service, Gateway Support, Customer Community and Knowledgebase, https://care.bluecatnetworks.com/, Browsing the Customer Success Knowedgebase, In Practice: Search the Customer Success Knowledgebase, Leverage the Customer Success Community, Open a Case with Customer Success, Typical Support Process, The Customer Success Mandate, Customer Success Handbook
EDGE STREAM
Edge Essential Training

Introduction to Edge

Overview: This course provides a big picture overview of what Edge is, what it can do, and how it works.

What is Edge?: Key functions of Edge, DNS forwarding and caching server roles, DNS routing, threat detection, reporting and localized service delivery capabilities

Main Components: Terminology used to describe architecture

Navigating Edge: Edge Cloud User interface and its many features

Intelligent Forwarding: Edge's DNS routing function, understanding how it works and the many DNS challenges it solves.

Threat Detection and Remediation: Capabilities that enable quick identification and blocking of potential DNS threats

Visibility and Reporting: A variety of logs, insights and reports

Review

Getting Started With Edge

Introduction: How Edge works to route queries and collect query data, and walks through the initial steps to configuring an Edge environment

Edge in a DNS Architecture: The role of Edge in a best practice DNS architecture as the internal recursive layer responsible for caching, forwarding and hosting a DNS resolver service. A look at the placement of Edge service points at the first hop from client devices.

Standard Vs. Edge Query Resolution

Sites, Service Points, & Namespaces: The relationship between sites, service points and namespaces, and the sequence for configuring them. How to set Namespaces, Policies and Location data for a Site’s associated service points, and walkthrough how to configure a site in the Edge UI.

Domain & IP Address Lists: How Domain lists and IP address lists can be used to route queries with Namespaces, or be applied to Service Point policies that allow, block, redirect or monitor specific domains or specific client IP addresses.

Namespace Settings and Forwarders: CISCO Umbrella, TTL, EDNS Client Subnet, serving expired queries from the cache, configuring multiple forwarders, and how Edge manages load balancing.

Namespace Routing: Response Codes, Domain Lists and IP Lists and their associated match and exception lists.

SPv4: Main differences between SPv4 and SPv3. SPv4 allows us to configure a growing range of services, view the health status and make changes to service point OS and services from the Edge UI. In addition, SPv4 has a range of security, reliability, diagnostic and troubleshooting features.

Review

Configuring Policies

Overview: Policy types, the actions they perform, use cases and configuring a Global Trust Policy

What Are Policies?: An overview of policy basics, including what is a policy, where is it applied, what can it do and how is it triggered.

Policy Types: Block, Block with Redirect, Monitor and Trust - and the actions they perform. The query path under different policy conditions, example use cases, and configuring a Global Trust Policy.

Policy Assessment & Actions:  Policy actions on Edge queries questions and answers and their potential outcomes in different scenarios, CNAME records, NS records, as well as Time and Date criteria.

Creating a Policy: Creating a policy in Edge, and the criteria that can be used to trigger a policy response.

Policy Actions for Potential Threats: Threat indicators and threat types such as DGAs and Tunelling, and how to use policies to monitor or block queries identified as potential threats.

Policy Best Practices: Threat Protection feeds, and policy implementation strategies

Review

DNS Edge Fundamentals
Edge Concepts
Introduction to DNS Edge, Learning Objectives, Why Do We Need DNS Edge?, DNS Edge Components, DNS Edge Capabilities, Block Known Threats, Enforce Policies, Identify Suspect Activity, Assess Risk, Profile Devices
Technology Concepts: Technology Concepts 
DNS Concepts: What is DNS/, Domain Names, IP Address Translation, A Simple DNS Query, DNS Requests, DNS Resource Records, Common DNS Responses, Forwarding, Forwarding and DNS Edge 
DNS Edge Concepts: Why Use Namespaces?, DNS Edge vs. SIEM Solutions 
DNS Threat Concepts: DNS Threats, Volumetric Attacks, Real World Volumetric Attacks, Detecting Volumetric Attacks in DNS Edge, DNS Tunnelling, Detecting DNS Tunnelling in DNS Edge, Edge Threat Indicators, Domain Generation Algorithms (DGAs), Detecting DGAs in DNS Edge
Navigation and User Management in Edge Navigation and User Management, Logging into DNS Edge, The DNS Edge Dashboard, Viewing DNS Activity, Viewing Threat Activity, Detail View, General Commands (x2), Changing Your Password, Viewing Users, Adding Users (x2), User Permissions
Filtering Edge Data Filtering DNS Edge Data, Command Types, Filter Commands, Filter Command Details, Filter Command Formatting Rules, Filter Command Errors, Command Case Sensitivity, Tips for Using Filter Commands, Using the Wildcard with Filters, Using Multiple Filter Commands, Multiple Filter Command Examples, Filtering by Threat Indicator
Edge Namespace and Sites

Working with Namespaces and Sites

Namespace Forwarding with Response Codes

Creating Namespaces, Multiple Forwarders in a Namespace, Creating Namespaces, Default Namespaces, What is a Service Point?, What is a Site?, Creating Sites, Generating Service Points, Sites, Service Points, and Namespaces, Namespace Order, Service Points, Namespaces and NXDOMAIN Responses, Sites and Site Groups

Working with Policies in Edge

Working with Domain Lists: What are Domain Lists?, Viewing Domain Lists, Adding Domain Lists Manually, Adding Domain Lists with a File, Large Domain Lists, Downloading Domain Lists, Adding Domain Lists with a Dynamic Feed, Dynamic Feed Fields, Deleting Domain Lists 

Working with Policies: What Are Policies?, Policy Actions - Monitor, Policy Actions - Block, Policy Actions - Redirect, Policy Actions - Allow, Query Evaluation, The Policy List, Creating a Policy, Additional Fields, Modifying or Deleting a Policy, Domain Lists and Site Groups in Policies, Policy Interactions

MICETRO STREAM
Introduction to Micetro
Navigating Micetro
IPAM & DHCP Management
DNS Management
AUTOMATION STREAM
Gateway Fundamentals
Gateway Concepts Introduction to Gateway, What is Gateway?, Gateway Use Cases, Gateway Architecture, Architecture Review, Installing Gateway, Log into Gateway, Gateway Administration, Custom Gateway UDF, Gateway Documentation, Additional Instructions for MAC Users - Workarounds for Mac Users
Gateway Basics Basic Functionality, Learning Objectives, Workflow Permissions, Video Knowldege Check, BlueCat Labs on Github, Video Knowledge Check, Gateway Landing Page, Additional Instructions for MAC Users - Workarounds for MAC Users
Customize Gateway Customizations, Configuring Gateway, Additional Address Managers, Additional Address Manager Settings, Initialize Additional Address Managers, Address Manager Selection, Customizing Gateway's Interface, Configuring Autologin, Change Gateway Header Logo, Change the Colour Theme, Video Knowledge Check, Configuring Gateway Certificates, Configuring Gateway Log Settings, Additional Instructions for MAC Users - Workarounds for MAC Users
Gateway Workflows Workflows, Import and Export Workflows, Video Knowledge Check, Create New Workflows, UI Component Fields, UI Python Modules, Returning Data to the User, UI Componenet Events, UI Component Dependencies, Creating Custom UI Components, Adding Custom HTML and CSS to a Workflow, Workflow Endpoints, Benefits of Gateway APIs, Creating API Only Workflows, Additional Instructions for MAC Users - Workarounds
Extending Gateway Extensions, Integrating MongoDB, NoSQL Benefits, External DB/Mail Configuration, Mail Integration, Password Encryption, Gateway and nsupdate
Troubleshooting Gateway Troubleshooting, Gateway Health and Logs, Video Knowledge Check, Container Name Already in Use, User Cannot Login, Gateway Does Not Run, Pushing Logs to Standard Out
Gateway 9.2 Updates
Configuring the Authorization Server, Configuring the IdP Metadata, Configuring the SP Metadata  in BAM, Converting LDAP Groups into SSO Groups, Creating SSO Groups, Enabling the SSO Enforced Mode, Testing the SSO Connection, Configuring Gateway SP Settings, Configuring OAuth Settings in BlueCat Gateway
Hybrid Cloud Professional

 

DDI for Hybrid Cloud

BlueCat’s Hybrid Cloud offering, including Cloud Discovery & Visibility for AWS, Azure and GCP, and Hybrid DNS Update. Learn the DDI considerations and best practices for migrating to cloud, and the pillars of BlueCat’s Hybrid cloud offering. 

Cloud Discovery & Visibility - AWS
Learn about BlueCat's Cloud Discovery & Visibility application, which enables finding and retrieving DNS and IPAM information in AWS, Azure and the Google Cloud Platform, and import the discovered resources into the BlueCat Integrity Address Manager. Walk through a manual set-up of some infrastructure and resources in AWS. Learn how to enable discovery and define locations within the BAM for our discovered resources. Then learn to enable visibility of those resources and how to manage visibility jobs. Finally, learn what visibility shows us in the BAM, and dive a little deeper into how it works. Azure and GCP versions of this course will be available soon.
Hybrid DNS Update
BlueCat Hybrid DNS Update, an application that extends the capability of Cloud Discovery and Visibility by enabling instant updates to authoritative DNS data across multiple cloud and on premise providers. Walk through the requirements and installation for Hybrid DNS Update. This includes installation of the container running on the BlueCat Gateway platform, setting permissions, and preconfiguring Address Manager. Learn how to add external DNS providers to BAM, how to add, update and delete records using the Hybrid DNS Update UI, and take a quick look at the Hybrid DNS Update Swagger API.
Additional Automation Content
Make Integrity API's Work for You (Webinar)
Jump Start to Address Manager API, Working Through Your IP Space, Searching Address Manager, Managing DNS/DHCP Servers, User Management, Address Manager Reporting
Make Gateway Work for You (Webinar)
The Basics, Bulk Importing, Scheduling, Reporting, Better Self-Service, IT Service Management and Ticketing, Workflow Masterclass
Gateway SSO & OAuth Configuration

Tutorials and information on SSO features which have been updated in BlueCat Gateway.

Intro to SSO (What Is SSO?, How SSO Works)

Configuring the Authorization Server

Configuring the IdP Metadata and Enabling the SSO Connection

Configuring the SP Metadata

Converting LDAP Groups into SSO Groups

Creating SSO Groups

Enabling the SSO Enforced Mode

Testing the SSO Connection

Configuring Gateway SP Settings

Configuring OAuth Settings in BlueCat Gateway

DDI STREAM
DHCP 101

Modules include: Introduction: Welcome; What is DHCP?;  DHCP in the Enterprise Space

History of DHCP: Before DHCP; BOOTP to DHCP

How DHCP Works: DHCP Components; DORA Process Overview; DORA Step by Step; Lease Renewal; Rebooting; Lease Length; Choosing an IP

DHCP Message Format: Network Packets; DHCP and the OSI Model;DHCP Messages; Options Section; Common DHCP Options

Network Architecture: Scopes; Reservations and Exclusions; Relay Agents

Server Files: Server Files Overview; DHCP Server Configuration File; DHCP Leases File

New from BlueCat
BlueCat Server Update Service

Learn from one of BlueCat's Technical Team Leads how to automate updates across your BDDS server fleet with BSUS - BlueCat Server Update Service. Check this Learning Path frequently as it will be continuously updated.

BSUS General Overview

BSUS Installation

BSUS Navigation

Working with BSUS

BSUS SSH Private Key

BSUS Upgrade Customization Packages

BSUS Technical Overview

BSUS Rest APIs

Distributed DDNS

BlueCat Distributed DDNS application; the problems it solves, its architecture, settings and features. Distributed DDNS provides a distributed entry point for all Dynamic DNS registrations, sitting as close as possible to the client. It provides a secure interface for all dynamic DNS Updates. In addition, BlueCat Distributed DDNS provides Anycast deployment capabilities and is fully integrated with the BlueCat Adaptive DNS Stack.

Introduction to DDNS

Distributed DDNS Architecture

Distributed DDNS Settings

DDNS Updates and Permissions

Distributed DDNS in Action

Aging and Scavaging

Service Points and Anycast

Troubleshooting

BlueCat Cisco DNA Center (DNAC)

CISCO DNA Center plugin by BlueCat enables BAM data to be visible in your DNAC dashboard. This course walks through the differences between different available plugins, installation, and demonstrates a variety of functions including importing blocks, modifying pools, and deleting pools.

CISCO DNAC Introduction

BlueCat DNAC Generic vs CISCO DNAC BlueCat Plugins

CISCO DNAC Installation

CISCO DNAC Demo

Importing Blocks from BAM into DNAC

 Modifying a Pool or Subpool

Releasing a Pool or Subpool

Issues & Concerns

Network Discovery

BlueCat Network Discovery provides consistent visibility into the state of IP space utilization in segmented networks. Discovery probes in multiple VRF environments allow this IP data to be collected and centralized in BlueCat Address Manager.

Network Discovery Demonstration Overview

Network Discovery Installation and Configuration

Integrity 9.5

An overview of the main features in the Integrity 9.5 release.

Feature Overview

Gateway Service Improvements - Overview

Gateway Service Improvements Demo 1

Gateway Service Improvements Demo 2

BlueCat Address Manager Firewall Improvements - Overview

BlueCat Address Manager Firewall Technical Demo

SysLog Enhancements - Overview

Syslog Enhancements Technical Demo 1

Syslog Enhancements Technical Demo 2

DHCP Activity and other Enhancements - Overview

DHCP Activity and other Enhancements - Technical Demo 1-4

 

v2 RESTful API

v1 Import Entities

v2 RESTful API - Technical Demo 1-16

v2 RESTful API & Import Entities Summary

Telemetries to Kafka and ElasticSearch

Telemetries to Kafka and ElasticSearch - Technical Demo 1-5

Cloud Enhancements

Cloud Enhancements - Technical Demo 1-4

 

Integrity 9.6

This learning path will cover the major features within the BlueCat Integrity 9.6 release. Each course will contain a feature introduction, problems we're trying to solve and how to do it. As well, a deeper technical dive into the architecture, demonstrations and key updates. This will be followed by knowledge checks demonstrating your understanding. 

Feature Overview

Additional DNS Record Types Overview

Additional DNS Record Types Technical Demo 1-3

Multi-Primary DNS Overview

Multi-Primary DNS Technical Demo 1-2

Dynamic Update of DHCP Records Overview

Dynamic Update of DHCP Records Technical Demo 1-2