HBFITES

This dynamic and hands-on intensive 5 day course combines the two latest courses on the ASA: Deploying Cisco ASA Firewall Features (FIREWALL) and Deploying Cisco ASA VPN Solutions (VPN). You will receive both Cisco authorized course kits, but only cover the most vital aspects of the Adaptive Security Appliance's firewall and VPN capabilities. This course is an awesome way to launch your expertise with ASAs, and is extremely useful in supporting planned implementations. You can also use this class as an excellent prep for both of the related Cisco exams as a part of achieving the coveted CCNP Security!

Who should attend

    This course is intended for Cisco customers who implement and maintain PIX and ASA Security Appliances as well as networking professionals tasked with ensuring the effective use of Cisco VPN technologies within their networks; Cisco channel partners who sell, implement and maintain PIX and ASA Security Appliances; and Cisco systems engineers who support the sale of PIX and ASA Security Appliances.

Prerequisites

The knowledge and skills you must have before attending this course are as follows:

    Cisco Certified Network Associate (CCNA) certification or equivalent knowledge
    Cisco Certified Network Associate Security (CCNA Security) certification or equivalent knowledge
    Working knowledge of the Microsoft Windows operating system

Course Objectives

Upon completing this course, you will be able to:

    Explain the functions of the three types of firewalls used to secure today's computer networks
    Describe the technology and features of Cisco security appliances
    Given diagrams of networks protected by Cisco Adaptive Security Appliances (ASAs) and Cisco PIX Security Appliances, explain how each appliance protects network devices from attacks and why each is an appropriate choice for the example network
    Bootstrap the security appliance, prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM) and launch and navigate ASDM
    Use ASDM and the CLI to perform essential security appliance configuration
    Use ASDM to configure dynamic and static address translations in the security appliance
    Use ASDM to configure switching and routing on the security appliance
    Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM to configure access control lists, filter malicious active codes and filter URLs to meet the requirements of the security policy
    Use the packet tracer for troubleshooting
    Use ASDM to configure object groups that meet the requirements of the security policy
    Use ASDM to configure AAA as needed to meet the requirements of the security policy
    Use ASDM to configure a modular policy that supports the security policy
    Use ASDM to configure protocol inspection to meet the requirements of the security policy
    Use ASDM and the CLI to configure threat detection to meet the requirements of the security policy
    Use ASDM to configure the security appliance to support a site-to-site VPN that meets the requirements of the security policy
    Use ASDM to configure the security appliance to provide secure connectivity using remote access VPNs
    Configure the security appliance to run in transparent firewall mode as needed to meet the requirements of the security policy
    Enable, configure, and manage multiple contexts as needed to meet the requirements of the security policy
    Select and configure the type of failover that best suits the network topology
    Monitor and manage an installed security appliance
    Configure policy NAT based on traffic type
    Describe the layer 7 modular policy framework for the security appliance and how it is configured
    Describe the layer 7 advanced protocol handling capabilities of modular policy frame and how it is configured.
    Determine the necessary configuration for the ASA 5505 to be a VPN hardware client
    Configure CSD and DAP for SSL VPN connections on the Cisco ASA
    Identify the steps needed to configure, inspect and filter traffic with the Content Security and Control SSM
    Identify the steps needed to configure the security appliance to identify, alert and defend against attacks

Course Content

In the first part of this course, we take a task-oriented approach to teaching the skills to configure, operate and manage the Cisco Adaptive Security Appliance product family. Configurations are performed via ASDM. This course covers important new ASA and PIX Security Appliance 8.0 features, giving you the knowledge and skills to protect network systems from intrusions and security threats. In the second half of this course, you will learn to describe, configure, verify and manage the Cisco ASA Security Appliance product. In this lab-intensive course, you will learn to take the appropriate steps needed to configure the security appliance to identify, alert and defend against attacks. CCNA or CCNA Security Certification are strongly suggested as prerequisites. You must also have experience in configuring Cisco IOS software, basic knowledge of the Windows operating system, and familiarity with networking and security terms and concepts. This course is for network professionals wanting to guarantee the security of their network.