Font size:

Description:

This is a bundled training package. It contains training for each of the bundled items below:

Course Price
Cisco VPN 2.0: Cisco ASA Adaptive Security Appliance Remote Access IPsec VPNs $74.95
Cisco VPN 2.0: Cisco ASA Site-to-Site IPsec VPN Solutions $74.95
Cisco VPN 2.0: Deploying Advanced AAA in Cisco Full-Tunnel VPNs $74.95
Cisco VPN 2.0: Implementing Cisco Secure Desktop and DAP for SSL VPNs $74.95
Cisco VPN 2.0: Deploying High Availability Features in Cisco ASA VPNs $74.95

Bundle Price: $199.00
Total Savings: $175.75


Cisco VPN 2.0: Cisco ASA Adaptive Security Appliance Remote Access IPsec VPNs

The Cisco ASA adaptive security appliance supports remote access IP Security (IPsec) VPNs that you can manage using the Cisco Easy VPN solution. Remote access IPsec VPNs protect traffic between mobile workers and a central site. This course describes how to deploy remote access IPsec VPNs, including preshared authentication, certificate-based authentication, and advanced public key infrastructure (PKI) integration. Remote access deployments that use the Cisco VPN Client and the Cisco AnyConnect 3.0 Client for IPsec connections are also described. Cisco VPN Client is software that runs on an endpoint, with support for Windows, Mac OS X, and Linux. When you install Cisco VPN Client on a remote PC and it communicates with a Cisco ASA adaptive security appliance, it creates a secure connection over the Internet. Through this connection, you can access a private network as if you were an on-site user. This course describes the features that Cisco VPN Client and Cisco AnyConnect Secure Mobility Client 3.0 (Cisco AnyConnect 3.0) support, and shows you how to install the client software and configure a profile. This course also covers how to configure advanced Cisco VPN Client profile settings for the Cisco IPsec VPN Client. A basic Cisco remote access IP Security (IPsec) VPN solution provides client-based access to sensitive resources over a remote access IPsec VPN gateway that is implemented on the Cisco ASA adaptive security appliance. A basic Cisco remote access IPsec VPN solution uses basic user authentication using usernames and passwords, client configuration and IP address assignment services, and a single access control policy. This course demonstrates how to configure, verify, and troubleshoot a basic Remote Access IPsec VPN solution.

Learning Objectives
  • Describe the features of IPsec VPN technology
  • Determine which Cisco VPN Client product should be used for a given scenario
  • Identify the tasks to implement the Legacy Cisco IPsec VPN Client
  • Identify the steps to configure basic Cisco ASA security appliance gateway features and gateway authentication for remote access IPsec VPNs
  • Identify the steps to configure group authentication in the basic Cisco remote access IPsec VPN solution
  • Deploy basic Cisco Easy VPN
  • Set up the Cisco ASA 5520 as an Easy VPN server
  • Identify the steps to configure Cisco remote access IPsec VPN extended authentication
  • Identify the steps to configure Cisco remote access IPsec VPN hybrid authentication
  • Identify the steps to configure Cisco remote access VPN local IP address management
  • Identify the steps to configure Cisco remote access VPN basic access control
  • Identify the steps to configure IKEv2 support for remote access IPsec VPN solutions
  • Troubleshoot basic Cisco remote access IPsec VPN operation

Cisco VPN 2.0: Cisco ASA Site-to-Site IPsec VPN Solutions

The Cisco ASA adaptive security appliance supports site-to-site IP Security (IPsec) VPN deployments, which can be used to protect traffic between remote and central sites. Basic deployments of site-to-site IPsec VPNs use pre-shared keys (PSKs) for authentication, which is recommended for smaller deployments. This course demonstrates how to configure, verify, and troubleshoot basic site-to-site IPsec VPNs. The Cisco ASA adaptive security appliance supports certificate-based authentication in site-to-site VPNs, together with rich public key infrastructure (PKI) integration options. You can use certificates to provide secure and scalable authentication among multiple sites in large site-to-site IPsec VPNs. How to enroll the Cisco ASA security appliance into a PKI and how to enable certificate-based authentication for site-to-site IPsec VPNs is also covered in the course.

Learning Objectives
  • Identify the guidelines for configuring a Cisco ASA security appliance site-to-site VPN
  • Identify the steps to configure basic peer authentication in a Cisco ASA security appliance site-to-site VPN
  • Identify the steps to configure transmission protection in a Cisco ASA security appliance site-to-site VPN
  • Configure IKE and IPsec parameters required for site-to-site secure tunnel establishment
  • Troubleshoot the operation of a Cisco ASA security appliance site-to-site VPN
  • Identify the steps to configure PKI-based peer authentication for a site-to-site VPN

Cisco VPN 2.0: Deploying Advanced AAA in Cisco Full-Tunnel VPNs

When deploying VPNs, it is important to use strong authentication options. This course describes several advanced authentication options that you can use when implementing Cisco AnyConnect full-tunnel Secure Sockets Layer (SSL) VPNs on the Cisco ASA adaptive Security Appliance. These authentication options offer more adequate security and scalability, compared to basic local authentication. Advanced password-based authentication using external authentication, authorization, and accounting (AAA) servers, certificate-based authentication using the local certificate authority (CA) of the Security Appliance, and options that are available to verify user certificates for revocation are also covered.

Learning Objectives
  • Describe how to select a gateway and user authentication method in Cisco AnyConnect full-tunnel SSL VPNs
  • Describe the considerations involved in planning the deployment of advanced client authentication
  • Distinguish between external AAA authentication configuration tasks
  • Describe how to configure the local CA on the Cisco ASA Security Appliance and the Cisco AnyConnect Client, with client certificates provisioned by the Cisco ASA Security Appliance
  • Describe the considerations involved in configuring the Cisco ASA and Cisco AnyConnect Client to use an external CA and provision client certificates
  • Sequence the steps to configure SCEP proxy for Cisco AnyConnect
  • Describe how to implement a certificate revocation solution
  • Identify valid combinations for deploying multiple authentication combinations
  • Describe how to configure local group policy authorization in a Cisco full-tunnel SSL VPN
  • Match the external VPN authorization input parameters to their descriptions
  • Describe how to configure remote group policy authorization in a Cisco full-tunnel SSL VPN
  • Sequence the steps to enable accounting in a connection profile

Cisco VPN 2.0: Implementing Cisco Secure Desktop and DAP for SSL VPNs

An important requirement of VPNs is to provide host security at the endpoint. This ensures hosts that connect to the trusted network and to provide high availability and high performance are secure. Cisco Secure Desktop enables administrators to provide a higher level of security to untrusted endpoints with dynamically downloadable ActiveX components. Cisco Secure Sockets Layer (SSL) VPN solutions provide organizations with robust and flexible products for protecting their security and the privacy of their information; Cisco SSL VPN solutions can also play an important part in the compliance strategies of an organization. Cisco Secure Desktop technology interoperates with the endpoint operating system and can ensure the removal of all data, especially from an untrusted system with potentially malicious third-party software installed. You can deploy Cisco Secure Desktop to reduce the risks posed by untrusted endpoints that connect to an enterprise network via a clientless SSL VPN or Cisco AnyConnect client session. Cisco Secure Desktop, in combination with other security controls and mechanisms, helps reduce the risks that are associated with using clientless and full-tunnel SSL VPNs. This course describes how to implement Cisco Secure Desktop for both clientless and full-tunnel SSL VPNs.

Learning Objectives
  • Describe Cisco AnyConnect full-tunnel SSL VPN network admission features
  • Describe the considerations involved in enabling Cisco Secure Desktop functions
  • Describe the considerations involved in Cisco Secure Desktop deployment
  • Describe how to configure and verify Cisco Secure Desktop prelogin criteria on a Cisco ASA security appliance SSL VPN gateway
  • Match the actions you can apply to prelogin policies to their descriptions
  • Describe how to configure and verify Cisco Secure Desktop prelogin policies on a Cisco ASA security appliance SSL VPN gateway
  • Describe the purpose of the Cisco Secure Desktop Advanced Endpoint Assessment extension
  • Describe how DAP on the Cisco ASA is used in authorization operations
  • Describe the tasks used to configure Cisco Secure desktop-enabled DAP policies
  • Describe the tasks used to integrate Cisco Secure Desktop with DAP
  • Sequence the steps to troubleshoot Cisco Secure Desktop operations on a Cisco ASA security appliance SSL VPN gateway

Cisco VPN 2.0: Deploying High Availability Features in Cisco ASA VPNs

Two of the most challenging requirements of VPNs are high availability and high performance. High availability ensures continuous operation even if one or more VPN servers fail. High performance enhancements are deployed to boost the system performance by alleviating the load that is placed on a single VPN server. This course discusses the methods of deploying high availability: redundant peering, active/standby failover, cluster load balancing, and server load balancing (SLB). This course explains the troubleshooting methods that can be employed to investigate high availability problems.

Learning Objectives
  • Describe the high-availability options in SSL and IPsec VPNs
  • Describe how to deploy redundant peering in full-tunnel VPNs
  • Identify the considerations for deploying active/standby failover for SSL and IPsec VPNs
  • Identify the steps to implement OSPF through an IPsec site-to-site tunnel
  • Identify the considerations for deploying Cisco ASA security appliance VPN clusters
  • Describe how to provide high availability and high performance using an external SLB appliance
  • Describe how to troubleshoot Cisco ASA security appliance VPN failover and load balancing
Register Now
VPN 2.0 : Deploying Cisco ASA VPN Solutions Part 2 e-learning bundle
  • Course ID:
    252745
  • Duration:
    7 hours
  • Price:
    $199