Font size:

Description:

This is a bundled training package. It contains training for each of the bundled items below:

Course Price
Cisco FIREWALL 2.0: Introduction to the Cisco ASA Adaptive Security Appliance $74.95
Cisco FIREWALL 2.0: Getting Started with Cisco ASA and Cisco ASDM $74.95
Cisco FIREWALL 2.0: Configuring Cisco ASA Interfaces and Static Routing $74.95
Cisco FIREWALL 2.0: Configuring Cisco ASA NAT Features $74.95
Cisco FIREWALL 2.0: Configuring Cisco ASA Basic Access Control Features $74.95
Cisco FIREWALL 2.0: ASA Interface Redundancy and Active/Standby Availability $74.95
Cisco FIREWALL 2.0: Configuring Cisco ASA Management Features $74.95
Cisco FIREWALL 2.0: Configuring Routing Features and the Transparent Firewall $74.95
Cisco FIREWALL 2.0: The Modular Policy Framework and Traffic Inspection Policies $74.95
Cisco FIREWALL 2.0: ASA Advanced Application Inspections and User-Based Policies $74.95
Cisco FIREWALL 2.0: ASA Security Contexts and Active/Active High Availability $74.95

Bundle Price: $379.00
Total Savings: $445.45


Cisco FIREWALL 2.0: Introduction to the Cisco ASA Adaptive Security Appliance

You can use several features of the Cisco ASA Adaptive Security Appliance products to defend networks, network-connected endpoints, and network infrastructure devices from various threats. This course provides an overview of the technology and major features of the Cisco ASA security appliance and describes the hardware characteristics and licensing options of the Cisco ASA security appliance products. This information will help you select the appropriate Cisco ASA security appliances and licensing to meet the needs of your organization.
  • identify characteristics of firewall systems
  • select appropriate firewall system technologies for a particular scenario
  • describe the features of firewall system technologies
  • select appropriate Cisco ASA network access control features for a particular scenario
  • describe Cisco ASA network access control features
  • identify the network integration features the Cisco ASA supports
  • identify the manageability features the Cisco ASA supports
  • select the appropriate Cisco ASA hardware platform based for a particular scenario
  • select an appropriate Cisco ASA SSM for a particular scenario
  • describe the features of Cisco ASA licensing options

Cisco FIREWALL 2.0: Getting Started with Cisco ASA and Cisco ASDM

To get started with the Cisco ASA and to prepare the appliance for Cisco Adaptive Security Device Manager (ASDM), you should be familiar with the security appliance startup process. This course describes how to bootstrap the security appliance, prepare the security appliance for configuration via the Cisco ASDM, and launch and navigate Cisco ASDM.
  • recognize the Cisco ASA boot process and its factory built-in configuration
  • identify the features of the security appliance CLI configuration modes
  • recognize which command to use to manage the Cisco ASA flash files in a given scenario
  • identify the functions of Cisco ASA commands used in the file system
  • identify Cisco ASDM features and requirements
  • recognize how to prepare the Cisco ASA adaptive security appliance for configuration via Cisco ASDM
  • identify the components of the Cisco ASDM device and firewall dashboards
  • recognize the functions of Cisco ASDM interface components
  • recognize the features of the tool menu of Cisco ASDM
  • identify the Cisco ASDM wizards and their functions
  • describe how to perform an upgrade of a Cisco ASA security appliance
  • perform an upgrade of a Cisco ASA when a firewall configuration is not present

Cisco FIREWALL 2.0: Configuring Cisco ASA Interfaces and Static Routing

The Cisco ASA requires a minimal configuration to enforce a basic security policy in a network. Because of interface security levels, the Adaptive Security Appliance allows only traffic from more secured networks to less secured networks by default. Returning traffic is also allowed, because Stateful Packet Inspection is enabled by default. However, at a minimum the interfaces and basic routing need to be configured on an ASA device. This course describes the basic connectivity choices that you have when you are deploying a Cisco ASA. The course also describes the configuration and verification of basic settings, such as interface settings, static routing, and DHCP features on a Cisco ASA.
  • assess the Cisco ASA interface security level configuration in a given example
  • identify Cisco ASA interface security levels
  • recognize how to configure the interface network parameters on Cisco ASA 5510 and higher ASA's in given examples
  • recognize how to configure interface network parameters on the Cisco ASA 5505 in a given example
  • configure basic connectivity on the Cisco ASA by configuring the outside and dmz interfaces using ASDM
  • identify statements that describe the configuration and verification of VLANs and trunking on the Cisco ASA
  • identify the commands to use when configuring static routing with the CLI
  • identify the features of the Cisco ASA DHCP server
  • configure static routing on the security appliance
  • recognize how to troubleshoot basic connectivity on the Cisco ASA device in given examples

Cisco FIREWALL 2.0: Configuring Cisco ASA NAT Features

The Cisco ASA adaptive security appliance provides support for Network Address Translation (NAT) to solve addressing issues when your internal networks are interconnecting with external networks. NAT translates the source and destination IP addresses of traffic that is going through the security appliance. NAT often works together with the Port Address Translation (PAT) feature, which translates source ports in addition to IP addresses and enables many internal hosts to share one public IP address. This course describes the configuration, verification, and troubleshooting procedures that you use to implement NAT and PAT on the Cisco ASA security appliance.
  • describe how NAT works on Cisco ASA Software Version 8.2 and earlier
  • recognize how to implement NAT on Cisco ASA Software Version 8.2 and earlier in a given scenario
  • identify the considerations for managing NAT on Cisco ASA Software Version 8.2 and earlier
  • describe how NAT functions on Cisco ASA security appliances with Cisco ASA Software Version 8.3 and later
  • describe how the basic auto NAT configurations work on the Cisco ASA security appliance
  • describe how to configure NAT on the Cisco ASA security appliance using manual NAT
  • describe how to tune and troubleshoot NAT on the Cisco ASA security appliance using the Cisco ASDM and CLI tools

Cisco FIREWALL 2.0: Configuring Cisco ASA Basic Access Control Features

The Cisco ASA Adaptive Security Appliance provides the administrator with a rich set of access control methods that can tightly control access between networks. This course discusses the most fundamental of these controls: interface access rules that enforce a basic Layer 3 and Layer 4 policy, permanent automatic antispoofing mechanisms, and temporary host-blocking mechanisms that may be required for incident response.
  • describe the connection and local host tables
  • identify the considerations when configuring interface access rules
  • describe how to configure interface access rules on the Cisco ASA
  • describe how to configure time-based interface access rules on the Cisco ASA
  • configure Access rules using the Cisco ASDM
  • describe how to configure and verify global ACLs on the Cisco ASA Security Appliance
  • recognize how to configure and verify object groups on the Cisco ASA
  • configure service groups and network objects using the ASDM
  • describe how to configure and verify public servers on Cisco ASA Security Appliances
  • recognize how to configure and verify Unicast Reverse Path Forwarding and shunning on the Cisco ASA
  • describe the features used to troubleshoot basic access control on the Cisco ASA
  • configure uRPF and use the Real-time Log Viewer

Cisco FIREWALL 2.0: ASA Interface Redundancy and Active/Standby Availability

To support high availability on the Cisco ASA Adaptive Security Appliance, you can use several high-availability features on the appliance. EtherChannel enables you to improve the bandwidth from the Cisco ASA Security Appliance to a switch that also supports EtherChannel and it provides logical interface redundancy. Other high-availability features are redundant interfaces, in which you can pair two physical interfaces to provide interface-level redundancy. One interface in a pair is designated as active and one is waiting as a standby member. If the active interface fails, the standby interface takes over and starts forwarding traffic. This course describes how to configure EtherChannel and redundant interfaces on the Cisco ASA Security Appliance. To provide device redundancy, you can deploy Cisco ASA Adaptive Security Appliances in an active/standby high-availability failover configuration. Using this feature, you can pair two Security Appliances, where one is active and forwards user traffic, and the other is in a hot standby state. With active device failure, the standby device will take over. If the active/standby failover is deployed and configured correctly, users may not experience any network disruption. This course provides a description of the active/standby failover and then demonstrates how to configure, tune, and troubleshoot active/standby failover functionality.
  • identify the considerations for using the EtherChannel port link aggregation technology
  • describe how redundant interfaces work on the Cisco ASA Security Appliance
  • recognize how to troubleshoot redundant interfaces on the Cisco ASA Security Appliance
  • identify the guidelines for implementing active/standby failover on the Cisco ASA Security Appliance
  • describe how to configure active/standby failover on the Cisco ASA Security Appliance
  • describe how to tune and manage active/standby failover on the Cisco ASA Security Appliance
  • describe the remote execution of commands when using the Cisco ASA Security Appliance in failover configuration
  • describe how to troubleshoot active/standby failover on the Cisco ASA Security Appliance

Cisco FIREWALL 2.0: Configuring Cisco ASA Management Features

It is important to understand how to deploy basic management features on the Cisco ASA. These device management features include configuring: the device name, the system time, event and session logging, the device software, and the device licensing. This course identifies how to select management access choices, procedures, input parameters, and design and implementation guidelines. It also explains how to configure and verify time settings and support for NTP and logging settings and NetFlow on the Cisco ASA. The course covers the file system and configuration management, as well as software and activation key management on the Cisco ASA . You can access the Cisco ASA management interface locally, using the console connection, or you can access it remotely over an IP network. Configuring remote management access in a secure fashion is of paramount importance to ensure the integrity of the ASA in a possibly hostile environment, such as when management paths use an untrusted network. This course describes how to configure remote management access to the ASA, and how to configure and use administrator authentication, authorization, and accounting (AAA) features. The course concludes with guidelines and procedures on troubleshooting the configured management access functions.
  • recognize how to configure and verify basic management settings on the Cisco ASA
  • identify the configuration tasks involved in deploying basic device management features
  • describe how to manage the file system and configuration of the Cisco ASA
  • describe how to manage software and activation keys on the Cisco ASA
  • recognize how to configure time settings and support for NTP on the Cisco ASA
  • recognize how to verify time settings and support for NTP on the Cisco ASA
  • identify subsystem logging message formats and severity levels
  • identify how to configure event and session logging
  • recognize the commands used to verify event and session logging
  • recognize how to troubleshoot event and session logging
  • configure Cisco ASA logging to the Syslog server and Cisco ASDM
  • recognize how to configure Telnet and SSH access management channels on Cisco ASA Adaptive Security Appliances
  • recognize how to configure HTTPS and SNMP access management channels on Cisco ASA Adaptive Security Appliances
  • recognize important CLI commands used to configure remote management channels on Cisco ASA Adaptive Security Appliances
  • enable SSH access to the Cisco ASA security appliance
  • recognize how to troubleshoot remote management channels
  • recognize how to configure local and remote AAA authentication for management access on the Cisco ASA
  • recognize how to configure local and remote AAA authorization for management access on the Cisco ASA
  • describe how to verify and troubleshoot AAA for management access on the Cisco ASA

Cisco FIREWALL 2.0: Configuring Routing Features and the Transparent Firewall

Some small deployments and most medium- to large-size deployments require the Cisco ASA Adaptive Security Appliance to forward traffic to hosts that are not on directly connected networks. For the Cisco ASA Security Appliance to forward traffic correctly, it must have current routing information from which it can make a path selection. This course examines how routes are added to the routing table of the Cisco ASA Security Appliance and it examines the need for multicast support in secure environments. When you need to integrate the Cisco ASA Adaptive Security Appliance into an existing network and do not want or are unable to readdress the network, you might consider using the Cisco ASA Security Appliance transparent mode. This course also describes the differences between transparent and routed firewall mode, and it describes how to configure a transparent firewall, how to enable access control on a transparent firewall, and how to troubleshoot transparent firewall operation.
  • describe the characteristics of static routing on Cisco ASA security appliances
  • identify the protocols supported by dynamic routing
  • describe how to configure EIGRP on Cisco ASA security appliances
  • describe multicast support on Cisco ASA security appliances
  • describe the features of transparent mode
  • sequence the steps to configure transparent mode on Cisco ASA security appliances
  • describe how to configure and verify Layer 3 through Layer 7 access controls in transparent firewall mode
  • describe how transparent firewall mode handles different traffic types
  • describe how to configure and verify Layer 2 access controls in transparent firewall mode
  • troubleshoot transparent firewall on Cisco ASA security appliances

Cisco FIREWALL 2.0: The Modular Policy Framework and Traffic Inspection Policies

The Cisco ASA adaptive security appliance helps enforce security policies within your networks. Different types of traffic traversing the Cisco ASA adaptive security appliance should have different policies. For example, you should analyze traffic coming from the Internet for any sign of malicious software, and you should prioritize VoIP traffic on all appliance interfaces to prevent delays and packet losses. The Cisco Modular Policy Framework (MPF) configuration tool enables you to assign different network policies to different traffic flows in a flexible and granular manner. The Cisco MPF enhances Cisco ASA security appliance interface access control lists (ACLs) by allowing the administrator to specify a multitude of additional access controls on network flows independently of interface ACLs. This course starts with an overview of the Cisco MPF tool, continues with a description of policies for Open Systems Interconnection (OSI) Layers 3 and 4, and concludes with a description of management service policies, which you use to control traffic that is destined for the Cisco ASA security appliance. The Cisco ASA adaptive security appliance enforces a strict inspection and filtering policy that may sometimes interfere with unusual network designs or the use of network protocols by applications. The policy may also cause legitimate applications to experience connectivity issues over security appliances. The Cisco ASA security appliance supports many features that enable you to create exceptions in its behavior for traffic in such environments. This course describes some of the inspection tuning methods that you can configure on the appliance to integrate with such environments.
  • describe the deployment of the Cisco MPF on the Cisco ASA security appliance
  • describe how to configure and verify OSI Layer 3 and Layer 4 policies on the Cisco ASA security appliance
  • recognize how to configure and verify a Management Traffic policy on the Cisco ASA
  • describe the default inspection policy and its tuning options on the Cisco ASA
  • recognize how to tune inspection on the Cisco ASA for OSI Layers 3 and 4
  • configure ICMP and FTP Inspection on the Cisco ASA
  • recognize how to configure and verify advanced connection settings using the Cisco MPF on the Cisco ASA
  • identify the steps to configure TCP Intercept on the Cisco ASA
  • enable the TCP Intercept feature of the Cisco ASA security appliance to prevent SYN flooding attacks
  • recognize how to configure and verify support for dynamic protocols using the Cisco MPF on the Cisco ASA
  • describe how to configure support for the Cisco ASA Botnet Traffic Filter on Cisco ASA security appliances
  • describe how to configure QoS support on the Cisco ASA security appliance
  • describe how to troubleshoot OSI Layer 3 and Layer 4 inspection on the Cisco ASA

Cisco FIREWALL 2.0: ASA Advanced Application Inspections and User-Based Policies

Deploying access control that is based on parameters for Open Systems Interconnection (OSI) Layer 3 and 4 establishes a minimal connectivity policy for network applications. However, this filtering alone cannot provide protection for exposed applications. The Cisco ASA adaptive Security Appliance Application Inspection and Control (AIC) features provide advanced application layer (OSI Layers 5 to 7) filtering to address these scenarios when risk assessment demands them. This course enables you to configure, verify, and troubleshoot these advanced applications inspections and controls of the Cisco ASA Security Appliance. You can configure the Cisco ASA adaptive Security Appliance for user-based policies (also known as cut-through proxy), where you can implement different network access policies for different users based on their authenticated identity. You implement user-based policies using the authentication, authorization, and accounting (AAA) system on the Cisco ASA Security Appliance. This course describes the Cisco ASA Security Appliance user authentication capabilities, followed by per-user authorization and traffic accounting features that you can integrate with the AAA infrastructure of an organization.
  • describe how to plan the deployment of application layer inspection on the Cisco ASA
  • describe how application inspection provides additional security services to OSI Layers 5 to 7 traffic flows using regular expressions
  • recognize the tasks to configure OSI Layers 5 to 7 application policies
  • recognize the CLI commands for configuring OSI Layers 5 to 7 policies
  • describe how to configure and verify application inspection of HTTP traffic using the GUI
  • describe how to configure and verify HTTP protection policy using the CLI
  • recognize the implementation guidelines for verifying HTTP inspection
  • recognize how to configure an application layer policy between an internal network, reachable over the inside interface of the appliance, to all web servers that are reachable over the outside interface of the appliance
  • configure HTTP inspection on a Cisco ASA
  • identify how to evaluate FTP inspection on the Cisco ASA
  • describe how to troubleshoot application layer inspection on the Cisco ASA
  • identify the general deployment guidelines for user-based policies on the Cisco ASA
  • describe how to configure cut-through authentication on the Cisco ASA Security Appliance
  • recognize how to use authentication timeouts on the Cisco ASA Security Appliance
  • describe how to configure cut-through authorization on the Cisco ASA Security Appliance
  • describe how to troubleshoot cut-through accounting on the Cisco ASA Security Appliance

Cisco FIREWALL 2.0: ASA Security Contexts and Active/Active High Availability

When you implement different security policies for traffic from different customers or departments, you can use the virtualization features available on the Cisco ASA adaptive security appliance. You can configure several security contexts, each acting as a separate virtual security appliance on the same physical hardware. On each security context, you can configure most of the features that are available on single-mode Cisco ASA security appliances. This course describes the security contexts feature and how to configure and manage multiple security contexts. You can deploy Cisco ASA adaptive security appliances in an active/active high-availability failover to provide device redundancy and load sharing in order to increase performance. Using this active/active failover feature, you can pair two security appliances, in which both devices process traffic at the same time and act as a backup for each other. When both devices are operational, each processes a share of network traffic, depending on your traffic routing configuration. If one of the two appliances fails, the other takes over and processes all network traffic. This course describes the active/active failover feature and how to configure, tune, and troubleshoot active/active failover functionality.
  • identify the guidelines for using multiple context mode on the Cisco ASA security appliance
  • identify the considerations for configuring security contexts on the Cisco ASA security appliance
  • sequence the steps to configure security contexts on the Cisco ASA security appliance
  • describe how security contexts can be managed on the Cisco ASA security appliance
  • describe resource management on the Cisco ASA security appliance
  • describe how to troubleshoot the operation of the Cisco ASA security appliance in multiple-context mode
  • identify the features of active/active failover on the Cisco ASA security appliance
  • sequence the steps to configure active/active failover on the Cisco ASA security appliance
  • describe how to tune active/active failover on the Cisco ASA security appliance
  • describe how to troubleshoot active/active failover on the Cisco ASA security appliance
Register Now
Firewall 2.0 : Deploying Cisco ASA Firewall Solutions e-learning bundle
  • Course ID:
    271360
  • Duration:
    n/a
  • Price:
    $379