Every registration supports local education. TrainUp Gives Back

Your Career Training Marketplace

Questions? Call Toll-Free: 1-866-540-9677

When you register for training with TrainUp.com, you are also supporting local education. Find out how.
  • Instant Access ImageInstant Access
    From Anywhere
  • Unlimited Viewing ImageUnlimited
  • calendar Image 6-12 Months
    To Complete


The Cisco ASA 5500-X Series Next-Generation Firewalls use the Botnet Traffic Filter feature to detect and prevent botnet activity that is detected in transit traffic. The Botnet Traffic Filter feature detects and prevents traffic from bot-infected hosts to their control servers using a reputation-based mechanism. This course provides an overview of the Cisco ASA Botnet Traffic Filter, and explains how to configure and verify Cisco ASA Botnet Traffic Filter. Users in an enterprise often need access to one or more server resources and typically, a firewall is not aware of user identities and cannot apply security policies based on identity. The Identity Firewall in the Cisco ASA provides granular access control based on user identities. You can configure access rules and security policies based on usernames and a user group name rather than through source IP addresses. The Cisco ASA applies the security policies based on an association of IP addresses to Windows Active Directory login information and reports events based on the mapped usernames instead of on the network IP addresses. The Identity Firewall integrates with the Microsoft Active Directory in conjunction with an external Cisco Context Directory Agent that provides the actual identity mapping. The Cisco ASA uses the Windows Active Directory as the source to retrieve current user identity information for specific IP addresses and allows transparent authentication for Active Directory users. Identity-based firewall services enhance the existing access control and security policy mechanisms by allowing users or groups to be specified in place of source IP addresses. Identity-based security policies can be interleaved without restriction between traditional IP address-based rules. This course describes how to configure, verify and troubleshoot the Cisco ASA Identity Firewall.

Learning Objectives
  • Start the course
  • Describe how Cisco ASA uses the Cisco ASA Botnet Traffic Filter feature
  • Identify tasks in configuring the Cisco ASA Botnet Traffic Filter on the Cisco ASA
  • Configure the Cisco Botnet Traffic Filter with static entries
  • Verify the Cisco ASA Botnet Traffic Filter
  • Identify key benefits of the Identity Internal Firewall
  • Identify statements that describe processes within the Cisco ASA Identity Firewall solution
  • Describe features of Cisco Context Directory Agent
  • Describe how the Cisco CDA can be configured to integrate with Microsoft Active Directory (AD) and with Cisco ASA
  • Identify the tasks to configure the Cisco ASA to integrate with Microsoft AD and with Cisco CDA
  • Identify the CLI commands used to integrate Cisco ASA with Microsoft AD and Cisco CDA for identity-based firewall
  • Verify Cisco ASA integration with Microsoft AD and with Cisco CDA
  • Describe how to configure identity-based access rules
  • Verify the identity-based firewall
  • Identify how to troubleshoot Cisco ASA Identity Firewall operations using various Cisco ASDM, CLI, and Cisco CDA tools and features
  • Configure Identity-Based Cisco ASA Access Policies in a given scenario
  • Audience

Get the latest industry news, recommended courses, & promotions from TrainUp.com sent straight to your inbox.