Description
Implementing Cisco Threat Control Solutions (SITCS) v1.0 is a newly created five-day instructor-led training (ILT) course, which is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience so that they can deploy Ciscos Next Generation Firewall (NGFW) as well as Web Security, Email Security and Cloud Web Security.
The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed security on Cisco ASA firewalls utilizing Cisco Next Generation product solution which integrates Cisco Prime Security Manager for managing identity policies.
The student will gain hands-on experience with configuring various advance Cisco security solutions for mitigating outside threats and securing traffic traversing the firewall. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications using Ciscos Next Generation Firewall security appliance feature and provide operational support for Intrusion Prevention Systems, Email Security, and Web based security appliances.
Objectives
Upon completing this course, you will be able to:
- Understand Cisco ASA Next-Generation Firewall (NGFW)
- Deploy Cisco Web Security appliance to mitigate malware
- Configure Web Security appliance for acceptable use controls
- Configure Cisco Cloud Web Security Connectors
- Describe Cisco Email Security Solution
- Configure Cisco Email Appliance Incoming and Outgoing Policies
- Describe IPS Threat Controls
- Configure and Implement Cisco IPS Sensor into a Network
Prerequisites
The knowledge and skills that a learner must have before attending this course are as follows:
- Cisco Certified Network Associate (CCNA) certification
- Cisco Certified Network Associate (CCNA) Security certification
- Knowledge of Microsoft Windows operating system
Who Should Attend
The primary audience for this course is as follows:
- Network Security Engineers
Outline
Module 1: Cisco ASA Next-Generation Firewall (NGFW) Services
- Lesson 1: Describing the Cisco Modular Network Architecture
- Lesson 2: Describing the Cisco ASA (CX) NGFW Management Architecture
- Lesson 3: Configure Cisco ASA (CX) NGFW Policy Objects
- Lesson 4: Monitoring Cisco ASA (CX) NGFW Operations
- Lesson 5: Configuring Cisco ASA (CX) NGFW Access Policies
- Lesson 6: Configuring Cisco ASA (CX) NGFW Identity Policies
- Lesson 7: Configuring Cisco ASA (CX) NGFW Access Decryption Policies
- Lesson 8: Module Summary
Module 2: Cisco Web Security Appliance
- Lesson 1: Describing The Cisco Web Security Appliance (WSA) Solutions
- Lesson 2: Integrating the Cisco Web Security Appliance
- Lesson 3: Configuring Cisco Web Security Appliance Identities and User Authentication Controls
- Lesson 4: Configuring Cisco Web Security Appliance Acceptable Use Control
- Lesson 5: Configuring Cisco Web Security Appliance Anti-Malware Controls
- Lesson 6: Configuring Cisco Web Security Appliance Decryption
- Lesson 7: Configuring Cisco Web Security Appliance Data Security Controls
- Lesson 8: Module Summary
Module 3: Cisco Cloud Web Security
- Lesson 1: Describing the Cisco Cloud Web Security Solution
- Lesson 2: Configuring Cisco Cloud Web Security Connectors
- Lesson 3: Describing the Web Filtering Policy in Cisco ScanCenter
- Lesson 4: Module Summary
Module 4: Cisco Email Security Appliance
- Lesson 1: Describe the Cisco Email Security Solutions
- Lesson 2: Describing the Cisco Email Security Appliance Basic Configuration
- Lesson 3: Deploying Cisco ASA Application Inspection Policies
- Lesson 4: Summary
Module 5: Cisco Intrusion Prevention Systems
- Lesson 1: Describing IPS Threat Controls
- Lesson 2: Integrating Cisco IPS Sensor into a Network
- Lesson 3: Configuring Basic Cisco IPS Settings
- Lesson 4: Tuning Cisco IPS Signatures
- Lesson 5: Configuring Custom Cisco IPS Signatures
- Lesson 6: Configuring Cisco IPS Anomaly-Detection
- Lesson 7: Configuring Cisco IPS Reputation-Based Features
- Lesson 8: Summary
Lab Outline
Lab 1-1 Exploring Cisco ASA (CX) NGFW and PRSM
Lab 1-2 Configuring Cisco ASA (CX) NGFW Access Policy
Lab 1-3 Configuring Cisco ASA (CX) NGFW Identity Policy
Lab 1-2 Configuring Cisco ASA (CX) NGFW Decryption Policy Lab
Lab 2-1: Configuring Cisco Web Security Appliance
Lab 3-1: Configuring Cisco Cloud Web Security Connector on AnyConnect and ISR G2
Lab 4-1: Configuring Basic Cisco Email Security Mail Policies
Lab 5-1: Configuring Cisco Basic Cisco IPS Settings
Lab 5-2: Tuning Cisco IPS Signatures and Anomaly -Detection