HBFITES Data Center, Collaboration, Security, Storage, Wireless, Telepresence Training +91-9886770046 info@hbfites.com

SAEXS v1.0 - Cisco ASA Express Security

Description

The goal of the course is to provide an understanding of the Cisco ASA solution portfolio and successfully configure various aspects of the Cisco ASA components including Cisco ASA NGFW, Cisco ASA NGFW Security Services and Cisco ASA Remote Access VPN including Clientless and AnyConnect.

Objectives

Upon completing this course, you will be able to:

  • Describe the Cisco ASA technology
  • Describe how to configure network integration and manage network settings for the Cisco ASA
  • Choose, configure, and troubleshoot Cisco ASA security appliance features
  • Introduce and Deploy Cisco Remote Access VPN
  • Describe NGFW Security Services and explore the feature and benefits found of the Policy Modular Framework
  • Describe how to configure IPS for NGFW Settings and Filtering
  • Describe the Cisco ASA NFWG WSE and AVC solutions and how to configure Cisco ASA NGFW Objects and Policies
  • Describe the features of Ciscos ASA Cloud Web Security
  • Explore Cisco ASA Active/Standby High Availability

Prerequisites

The knowledge and skills that a learner must have before attending this course are as follows:

  • Cisco ASA Overview (SAAOV) v1.0 E-learning
  • Firewall knowledge

Who Should Attend

The primary audience for this course is as follows:

  • Network Security Engineers

Outline

Module 1: Introducing Cisco ASA Solutions

      Lesson 1: Firewall Technologies
      • Firewall Technologies
      • Cisco ASA Adaptive Security Appliance Features

 

      Lesson 2: Cisco ASA Adaptive Security Appliance Features
      • Cisco ASA Adaptive Security Appliance Hardware
    Lesson 3: Module Summary

Module 2: Exploring Cisco ASA Connectivity Basics

      Lesson 1: Preparing the Cisco ASA Adaptive Security Appliance for Network Integration
      • Managing the Cisco ASA Adaptive Security Appliance Boot Process
      • Managing the Cisco ASA Adaptive Security Appliance Using Cisco ASDM
      • Navigating Basic Cisco ASDM Features
      • Managing the Cisco ASA Adaptive Security Appliance Basic Upgrade

 

      Lesson 2: Managing Basic Cisco ASA Adaptive Security Appliance Network Settings
      • Managing Cisco ASA Adaptive Security Appliance Security Levels
      • Managing Basic Cisco ASA Adaptive Security Appliance Network Settings
      • Configuring and Verifying Interface VLANs
      • Configuring a Default Route
      Lesson 3: Configuring Cisco ASA Adaptive Security Appliance Routing Features
      • Static Routing
      • Dynamic Routing
      • EIGRP Configuration and Verification
      Lesson 4: Backing up and Restoring Cisco ASA
      • Cisco ASA Backup and Restore Overview
      • Cisco ASA Backup Configuring
      • Cisco ASA Restore - Configuring
    Lesson 5: Module Summary

Module 3: Configuring ASA Basic Access Control Foundation

      Lesson 1: Configuring Cisco ASA Adaptive Security Appliance NAT Features
      • NAT on Cisco ASA Security Appliances
      • Configuring Object (Auto) NAT
      • Configuring Manual NAT
      • Configuring and Verifying Public Servers
      • Tuning and Troubleshooting NAT on the Cisco ASA Adaptive Security Appliance
      Lesson 2: Configuring Cisco ASA Adaptive Security Appliance Basic Access Control Features
      • Connection Table and Local Host Table
      • Configuring and Verifying Interface ACLs
      • Configuring and Verifying Global ACLs
      • Configuring and Verifying Object Groups
      • Configuring and Verifying Other Basic Access Controls
    Lesson 3: Module Summary

Module 4: Deploying Cisco Remote Access VPN

      Lesson 1: Deploying Basic Clientless VPN Solutions
      • Cisco ASA Clientless SSL VPN Solution
      • Configuration Choices and Configuration Procedure
      • Configuring Basic Cisco ASA Adaptive Security Appliance Gateway Features and Gateway Authentication
      • Configuring Basic User Authentication
      • Configuring Basic Access Control
      • Tuning Gateway Content Rewriting
      Lesson 2: Cisco AnyConnect SSL VPN Overview
      • Introduction to Cisco AnyConnect Client
      • Cisco AnyConnect Client Core Features
      • Cisco AnyConnect Network Access Manager
      • Cisco AnyConnect Secure Mobility Modules
      • Cisco AnyConnect Secure Reporting and Troubleshooting Modules
      • Cisco AnyConnect Secure Mobility Licensing
      Lesson 3: Deploying a Cisco AnyConnect Client SSL VPN Solution
      • Basic Cisco AnyConnect SSL VPN
      • Additional Cisco AnyConnect Deployment Options
      • Configuring Cisco ASA Gateway Features
      • Configuring Local User Authentication and IP Address Assignment
      • Configuring Access Control and Split Tunneling
      • Deploying DTLS
      • Installing and Configuring Cisco AnyConnect 3.0
      • Managing Cisco AnyConnect Software
    Lesson 4: Module Summary

Module 5: Introducing the Combined NGFW Security Services

      Lesson 1: Introducing the NGFW Security Services
      • Cisco NGFW Security Services Overview
      • Cisco Application Visibility and Control (AVC)
      • Cisco Web Security Essentials (WSE)
      • Cisco Security Intelligence Operations (SIO)
      • IPS for NGFW
      • Cisco Prime Security Manager (PRSM) Cisco ASA NGFW Management
      • Cisco Adaptive Security Appliance NGFW Deployment
      • Cisco ASA CX Policy Object Types
      • Cisco ASA CX Access Policy Configuration
      Lesson 2: Defining the Cisco ASA Adaptive Security Appliance MPF
      • Cisco MPF Overview
      • Configuring and Verifying Layer 3 and Layer 4 Policies
    Lesson 3: Module Summary

Module 6: Exploring IPS for Cisco ASA NGFW IPS Features

      Lesson 1: Configuring IPS for Cisco ASA Next Generation Firewall Settings
        <
      • IPS for Cisco ASA NGFW Settings Overview
      • IPS for Cisco ASA NGFW Settings Configuration
      Lesson 2: Configuring IPS for Cisco ASA Next Generation Firewall Filtering
      • IPS for Cisco ASA NGFW Filtering Overview
      • IPS for Cisco ASA NGFW Filtering Configuration
    Lesson 3: Module Summary

Module 7: Exploring the Cisco ASA NGFW WSE and AVC

      Lesson 1: Introducing Cisco ASA Next Generation Firewall Web Security Essentials & Application Visibility and Control
      • Cisco Web Security Essentials Overview
      • Cisco Application Visibility and Control
      Lesson 2: Configuring WSE and AVC
      • Cisco ASA CX URL Filtering Configuration
      • Configuring AVC
    Lesson 3: Module Summary

Module 8: Introducing Cisco ASA Cloud Web Security

      Lesson 1: Introducing Cisco ASA with Cisco Cloud Web Security
      • Cisco ASA with Cisco Cloud Web Security
      • Cisco ScanCenter
      • Cisco ASA with Cloud Web Security Authentication Keys
      Lesson 2: Configuring Cisco ASA with Cisco Cloud Web Security
      • Cisco ASA and Cloud Web Security Proxy-Server Configuration
      • ScanCenter Generation of an Authentication Key for Cisco ASA
      • Traffic Redirection from Cisco ASA to Cloud Web Security Proxy Servers
      • Cisco ASA and Cloud Web Security Proxy Server User-Identity Configuration
    Lesson 3: Module Summary

Module 9: Introducing Cisco ASA High Availability

      Lesson 1: Overview of Cisco ASA Active/Standby High Availability
      • Cisco ASA Adaptive Security Appliance Active/Standby Failover Overview
      • Active Unit Election
      • Switchover Event
      • Failover Management
      • Failover Deployment Options
      Lesson 2: Configuring Cisco ASA Adaptive Security Appliance Active/Standby High Availability
      • Configuring and Verifying Active/Standby Failover
      • Tuning and Managing Active/Standby Failover
      • Remote Command Execution
    Lesson 3: Module Summary

Lab Outline

Lab 2-1: Preparing Cisco ASA for Network Integration and Configuring Basic Settings

      Task 1: Verify Cisco ASA Security Appliance and Cisco ASDM Versions
      Task 2: Initialize the Cisco ASA Security Appliance from the CLI
      Task 3: Launch Cisco ASDM and Test SSH Access
      Task 4: Configure and Verify Interfaces
      Task 5: Configure System Management Parameters


Lab 3-1: Configuring NAT and Basic Access Control

      Task 1: Configure Object NAT for the Client Network and DMZ Server
      Task 2: Configure Manual NAT for the DMZ Server and Client Network
      Task 3: Configure Access Rules


Lab 4-1: Configure Cisco AnyConnect Client SSL VPN Solution

      Task 1: Configure Basic Cisco AnyConnect Client SSL VPN Support on the Cisco ASA Security Appliance
      Task 2: Configure a Connection Profile, Group Policy, and User Account in the Local User Database
      Task 3: Establish a Cisco AnyConnect Client SSL VPN using WebLaunch


Lab 5-1: Preparing Cisco ASA NGFW and Configuring Cisco ASA for Traffic Redirection

      Task 1: Install and Set Up the ASA CX Software Module
      Task 2: Redirect Traffic from the ASA to Cisco ASA NGFW
      Task 3: Explore the On-Box PRSM GUI


Lab 6-1: Configure IPS for Cisco ASA NGFW Settings and Filters

      Task 1: Configure IPS for Cisco ASA NGFW Settings
      Task 2: Configure IPS for Cisco ASA NGFW Filters


Lab 7-1: Cisco ASA NGFW Web Security Essentials

      Task 1: Configuring Cisco ASA NGFW - Acceptable Use Policy (URL Filtering)
      Task 2: Configuring Cisco ASA NFGW - Malware Blocking using Web Reputation


Lab 7-2: Cisco ASA NGFW Application Visibility & Control

      Task 1: Configure the Cisco ASA NGFW Access Policy to Deny Any Executable File Download


Lab 8-1: Cisco ASA and Cloud Web Security Integration (Optional)

      Task 1: Configure the Cisco ASA-to-Cloud Web Security Integration