Duration: 5 Days
Gain the skills needed to configure, maintain, and operate the firewall features of the Cisco ASA 5500 Series Adaptive Security Appliances (ASAs).
We have enhanced this course and added depth to the standard labs, using a topology that simulates a typical production network. You'll use ASA 5520 appliances to work through configuring access control to and from your network.
A Proven Impact Exclusive: Bonus Lab Credits
You'll receive 10 extra e-Lab credits (good for 30 Days ) to review a topic after class, refine your skills, or get in extra practice-whatever lab activities complete your training.
What You Will Learn
- Technology and features of the Cisco ASA
- Cisco ASA product family
- How ASAs and Cisco PIX Security Appliances protect network devices from attacks
- Bootstrap the security appliance
- Prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM)
- Launch and navigate ASDM
- Perform essential security appliance configuration using ASDM and the CLI
- Integrate the ASA with Cisco Secure ACS for TACACS+ command authorization
- Integrate the ASA with Cisco Secure ACS for RADIUS network access control
- Configure auto and manual network address translation (NAT)
- Configure access policy based on the Global Access Control List (ACL)
- Configure access policy based on interface ACLs
- Use object groups to simplify ACL complexity and maintenance
- Use the Modular Policy Framework to provide unique policies to specific data flows
- Handle advanced protocols with application inspection
- Deep packet inspection of application layer traffic
- Troubleshoot with TCPping, Syslog, Packet Tracer, and packet capture
- Configure access control based on authenticated users
- Configure the security appliance to run in transparent firewall mode
- Enable, configure, and manage multiple contexts to meet security policy requirements
- Select and configure the type of failover that best suits the network topology
- Monitor and manage an installed security appliance
Audience
- Anyone who implements and maintains Cisco ASA firewalls
- Network security specialists and technicians
- Candidates seeking CCNP Security certification
Prerequistes
Course Outline
1. Cisco ASA Introduction
- Cisco ASA Technologies
- Cisco ASA Families
- Cisco ASA Licensing Options
2. Basic Connectivity and Device Management
- Preparing the Cisco ASA for Network Integration
- Managing Basic Cisco ASA Network Settings
- Configuring Cisco ASA Device Management Features
3. Network Integration
- Configuring Cisco ASA NAT Features
- Configuring Cisco ASA Basic Access Control Features
- Configuring Cisco ASA Routing Features
- Configuring the Cisco ASA Transparent Firewall
4. Cisco ASA Policy Control
- Defining the Cisco ASA Modular Policy Framework (MPF)
- Configuring Cisco ASA Connection Policy and QoS Settings
- Configuring Cisco ASA Advanced Application Inspections
- Configuring Cisco ASA User-Based Policies
5. Cisco ASA High Availability and Virtualization
- Configuring Cisco ASA Interface Redundancy Features
- Configuring Cisco ASA Active/Standby High Availability
- Configuring Security Contexts on the Cisco ASA
- Configuring Cisco ASA Active/Active High Availability
Course Labs
Lab 1: Enhanced - Preparing the ASA for Administration
Lab 2: Enhanced - Fundamental ASA Configuration
Lab 3: Enhanced - AAA for Administrative Access
Lab 4: Enhanced - Network Address Translation
Lab 5: Enhanced - Basic Access Control
Lab 6: Exclusive - ICMP, uRPF, and Troubleshooting Tools
Lab 7: Enhanced - Transparent Firewall
Lab 8: Enhanced - Basic Protocol Inspection
Lab 9: Enhanced - Advanced Protocol Inspection
Lab 10: Enhanced - User-Based Policies
Lab 11: Enhanced - Active/Standby Failover
Lab 12: Enhanced - Active/Active Failover
