Font size:

This course includes Cisco Training Exclusives

EXCLUSIVE TO GLOBAL KNOWLEDGE - Accelerate your Cisco learning experience with complimentary access to the IT Skills Video On-Demand Library, Introduction to Cybersecurity digital learning course, course recordings, IT Resource Library, and digital courseware.

Learn more

Based on our enhanced SASAC v1.0 and SASAA v2.1 courses, this exclusive, lab-based course, provides you with your own set of equipment, giving you the Adaptive Security Appliance (ASA) 9.x and ASA SFR-based lab experience in just five days. This course provides 29 different lab scenarios using Cisco equipment such as: ASA v9.5, ASA 5515-X NGFW (Next-Generation Firewall SFR), Access Control Server (ACS 5.4), Context Directory Agent (CDA), Catalyst switch, Integrated Services Router (ISR), and ASA 55x5.

A typical day will begin with an informal white board lecture by the instructor, covering topics associated with the day's labs. Afterwards, you will be free to work on the labs at your own pace and to experiment in the lab environment. Of course, the instructor will remain available to assist as needed.

ASA 9.5 labs can be run in any order, any number of times. ASA-SFR labs will be run consecutively. With the exception of two labs that require two pods to work together, no coordination with other students is necessary.

A Global Knowledge Exclusive: You Get...

  • 10 extra e-Lab credits, good for 30 days, so you can practice and refine your skills
  • Enhanced content that exceeds standard authorized Cisco content
  • World-class Certified Cisco Systems Instructors?


Highlights:
  • Fundamental ASA configuration from the CLI and ASDM
  • Administrative access using AAA, TACACS+, and Cisco ACS 5.x
  • Object (auto) NAT and manual (twice) NAT
  • Access control and troubleshooting tools
  • Application inspection and control (deep packet inspection)
  • ASAv using 9.4 code
  • Equal cost multipathing using ASA security zones
  • Policy Based Routing on the ASA
  • ACL enhancements including forward reference and manual commit
  • Using the REST API to configure the ASA
  • Configuring BGP support on the ASA using 9.4 code
  • Bootstrapping and configuring the SFR 6.0 software module
  • Deploying Cisco Context Directory Agent (CDA) with Active Directory
  • Features of Cisco ASA 5500-X Series Next-Generation Firewalls (NGFW ASA SFR)
  • SFR (FirePOWER Services) software module integration using FirePOWER Management Center 6.0 and access control, intrusion prevention, file policy, network discovery, Active Directory integration, user based access control, DNS, URL, and SSL policy
  • Cloud Web Security (ScanSafe) integration
  • Threat and botnet detection
  • Dynamic routing
  • Transparent firewall and bridge groups
  • Basic and advanced clientless SSL VPN
  • Full tunnel SSL VPN using AnyConnect 3.x Secure Mobility Client
  • Remote Access IPsec IKEv2 using AnyConnect 3.x
  • Easy VPN remote for the SOHO using ASA 5505
  • External AAA authentication of VPN users
  • PKI and VPN integration
  • Host scan and dynamic access policies (DAP) for VPN
  • IPsec VPN site-to-site between ASAs and with IOS router
  • ASA and ISE integration for TrustSec Firewall using Security Group Tags
  • Active/standby failover
  • ASA clustering including local and spanned EtherChannel

Prerequisites:
  • Knowledge of the Cisco ASA


Audience:
  • Network engineers supporting Cisco ASA 9.x implementations

SASAC v1 Labs

Lab 1: ASA Administration and Network Integration

  • Clear the Existing Configuration�
  • Take Inventory of the ASA
  • Initialize the ASA�
  • Enable SSH
  • Install ASDM
  • Configure Interfaces
  • Setup Names and Static Routes
  • Configure NTP, Syslog, and SNMP
  • Configure DHCP Server
  • Install CA Root and Identity Certificates

Lab 2: Network Address Translation

  • Object NAT (for Dynamic PAT)
  • Object NAT (for Dynamic NAT)
  • Object NAT (for Static NAT)
  • Manual NAT
  • NAT Rule Order

Lab 3: Access Control and Troubleshooting

  • Create Object Groups
  • Configure Global Policy
  • Configure Guest Policy
  • Configure Outside Policy
  • Configure DMZ Policy
  • Configure Inside Policy
  • Configure ICMP Policy
  • Configure uRPF Policy
  • Ping TCP
  • Packet Tracer

Lab 4: MPF Basic Application Inspections

  • Basic HTTP and FTP Inspection
  • TTL Decrement and ISN Randomization
  • TCP Normalization and Connection Settings
  • Custom Application Support�
  • QoS with Priority Queuing and Policing

Lab 5: MPF Advanced Application Inspections

  • Enforcing HTTP RFC Compliance
  • Block an Undesirable HTTP Application
  • Filter Commands within FTP

Lab 6: Basic Clientless SSL VPN

  • Public CA Certificate
  • Configure ASA for DNS
  • Enable and Test Clientless SSL VPN
  • Connection Profiles and Group Policies
  • Local Users on the ASA
  • Browsing Policies�
  • Bookmark Lists�
  • Navigating without URL Entry�
  • WebType ACLs

Lab 7: Clientless SSL VPN Applications

  • Port Forwarding
  • Advanced Bookmarks
  • VPN Plugins
  • Smart Tunnels

Lab 8: External AAA for Clientless SSL VPN

  • AAA Options
  • External AAA with LDAP
  • External AAA with RADIUS and ACS

Lab 9: Basic AnyConnect SSL VPN

  • Configure Address Assignment Policy and Pools
  • Enable AnyConnect and Upload Client to the ASA
  • Configure SSL Algorithms
  • Modify Group Policies
  • Install AnyConnect Using WebLaunch
  • Configure NAT for Remote Access VPN
  • Allow Internet Access via Split Tunneling
  • Allow Internet Access via Hairpin
  • Modify a Local Group Policy
  • Configure a Centralized Group Policy

Lab 10: Advanced AnyConnect SSL VPN

  • DTLS and TLS Fallback
  • Pre-deploy Install of AnyConnect�
  • AnyConnect XML Profiles
  • Certificates with SCEP proxy

Lab 11: IPSec Remote Access VPN

  • Enable IKEv2 IPsec remote access VPN�
  • Test the IPsec AnyConnect Profile
  • IKEv2 with SCEP Proxy

Lab 12: Active-Standby High Availability

  • Prepare for this Lab
  • Prepare the Primary-ASA for Failover via ASDM
  • Configure the Failover Prompt
  • Prepare the Secondary-ASA for Failover via the CLI
  • Turn Failover On and Verify Status
  • Test Failover Operation
  • Return to a Normal State
  • Demonstrate Configuration Replication

SASAA v2.1 Labs

Lab 1: Set Up and Test the ASAv

  • Take Inventory of the ASAv
  • Initialize the ASAv�
  • Enable SSH
  • Connect via ASDM
  • Configure Interfaces
  • Setup names & Static Routes
  • Configure NTP, and Syslog
  • Configure NAT & ACLs
  • Configure BGP

Lab 2: Implement New Features in ASA 9.3 and 9.4

  • Configure and Monitor the ASAv Using the REST API
  • ACL Forward Reference
  • ACL Manual Commit
  • Policy-Based Routing
  • Verify ECMP

Lab 3: Configure the Cisco CDA

  • Explore the Cisco CDA CLI
  • Work with CDA CLI User Accounts
  • Explore th
Find a class and register in three easy steps:
  • 1. Select Location:
  • 2. Select Date Range:
    to
  • 3. Select Class Type:
    • All Types
    • C Classroom
    • V Virtual Live
    • Cv In-Class Virtual
    • O Online
Virtual Live5/14/2018 8:30:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days4895.002878783
Virtual Live5/21/2018 11:30:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days4895.002878787
Virtual Live6/18/2018 8:30:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days4895.002878790
Virtual Live7/23/2018 8:30:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days4895.002878784
Virtual Live8/20/2018 8:30:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days4895.002878788
Virtual Live8/27/2018 11:30:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days4895.002878791
Virtual Live9/17/2018 8:30:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days4895.002878793
seek-warrow-w
  • 1
arrow-eseek-eitems per page1 - 7 of 7 items