Course Description
Student will gain the essential skills required to configure, maintain, and operate Cisco ASA 5500-X Series Adaptive Security Appliances based on ASA Software v9.x.
COURSE OBJECTIVES:Upon successful completion of this course, students should be able to do the following:
• Technology and features of the Cisco ASA
• Cisco ASA product family
• How ASAs protect network devices from attacks
• Bootstrap the security appliance
• Prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM)
• Launch and navigate ASDM
• Essential security appliance configuration using ASDM and the command-line interface (CLI)
• Configure dynamic and static address translations
• Configure access policy based on ACLs
• Use object groups to simplify ACL complexity and maintenance
• Use the Modular Policy Framework to provide unique policies to specific data flows
• Handle advanced protocols with application inspection
• Troubleshoot with syslog and tcp ping
• Configure the ASA to work with Cisco Secure ACS 5.2 for RADIUS-based AAA of VPNs
• Implement site-to-site IPsec VPN
• Implement remote access IPsec and SSL VPNs using the Cisco AnyConnect 3.0 Secure Mobility Client
• Work with the 5.x Legacy Cisco IPsec VPN client and Anyconnect VPN client
• Deploy clientless SSL VPN access, including smart tunnels, plug-ins, and web-type ACLs
• Configure access control policies to implement your security policy across all classes of VPN
• Configure Active/Standby failover for both firewall and VPN high availability
Agenda
Cisco ASA Essentials
- • Lesson 1: Evaluating Cisco ASA Technologies
- • Lesson 2: Identifying Cisco ASA Families
Basic Connectivity and Device Management
- • Lesson 1: Preparing the Cisco ASA for Network Integration
- • Lesson 2: Managing Basic Cisco ASA Network Settings
- • Lesson 3: Configuring Cisco ASA Device Management Features
Network Integration
- • Lesson 1: Configuring Cisco ASA NAT Features
- • Lesson 2: Configuring Cisco ASA Basic Access Control Features
Cisco ASA Policy Control
- • Lesson 1: Cisco ASA Modular Policy Framework
- • Lesson 2: Configuring Cisco ASA Connection Policy
Cisco ASA VPN Architecture and Common Components
- • Lesson 1: Implementing Profiles, Group Policies, and User Policies
- • Lesson 2: Implementing PKI Services
Cisco ASA Clientless Remote Access SSL VPN Solutions
- • Lesson 1: Deploying Basic Clientless VPN Solutions
- • Lesson 2: Deploying Advanced Application Access for Clientless SSL VPNs
Cisco AnyConnect Remote Access SSL Solutions
- • Lesson 1: Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution
Cisco ASA Remote Access IPsec VPNs
- • Lesson 1: Deploying Cisco Remote Access VPN Clients
- • Lesson 2: Deploying Basic Cisco Remote Access IPsec VPN Solutions
Cisco ASA Site-to-Site IPsec VPN Solutions
- • Lesson 1: Deploying Basic Site-to-Site IPsec VPNs
- • Lesson 2: Deploying Advanced Site-to-Site IPsec VPNs
Cisco ASA High Availability and Virtualization
- • Lesson 1: Configuring Cisco ASA Active/Standby High Availability
Labs
- Lab 1: Prepare the ASA for Administration
- Lab 2: Fundamental ASA Configuration
- Lab 3: Network Address Translation (NAT)
- Lab 4: Basic Access Control
- Lab 5: Basic Protocol Inspection
- Lab 6: Licensing, ACS, and Public CA
- Lab 7: Basic Clientless SSL VPN
- Lab 8: Clientless SSL VPN - Thin Apps
- Lab 9: Basic AnyConnect Full Tunnel SSL VPN
- Lab 10: Remote Access IPSec VPN
- Lab 11: IPSec Site-to-Site VPN
- Lab 12: Active/Standby Failover
Audience
Students who need to know how to implement and manage Cisco ASA 5500-X.