VPN 2.0 - Deploying Cisco ASA VPN Solutions

$3,595.00


  • classroom

  • virtual

  • Onsite
Duration: 5 Days

Learn to configure, maintain, and operate VPN solutions based on the Cisco ASA 5500 Series Adaptive Security Appliance (ASA) including:

  • Site-to-site IPSec VPN
  • Remote access IPSec VPN
  • Remote access SSL VPN with AnyConnect 3.0
  • Load balancing VPN clusters
  • AAA for VPNs using Cisco ACS 5.2

We have enhanced the standard Cisco labs to run on our expanded topology to better simulate a typical production network. Using an ASA 5520, our expert instructors will guide you through exercises such as:

  • Managing digital certificates for IPSec and SSL VPNs
  • Implementing both site-to-site and remote access VPN
  • Implementing VPN access policies for corporate employees, contractors, and partners

A Proven Impact Exclusive: Bonus Lab Credits

You'll receive 10 extra e-Lab credits (good for 30 Days ) to review a topic after class, refine your skills, or get in extra practice-whatever lab activities complete your training.

What You Will Learn

 

  • Implement site-to-site IPSec VPN
  • Implement remote access IPSec and SSL VPNs
  • Work with both the legacy Cisco IPSec VPN client and the AnyConnect 3.0 VPN client
  • Deploy clientless SSL VPN access, including portal customization, smart tunnel access, and web-type ACLs
  • Implement single sign-on for clientless VPN access to internal resources
  • Deploy full tunnel SSL VPN using the Cisco AnyConnect VPN Client
  • Determine and enhance the security posture of remote SSL VPN systems using Cisco Secure Desktop
  • Use digital certificates and PKI infrastructure for peer identity management in all classes of VPN
  • Configure the ASA as a Certificate Authority for SSL VPN access
  • Configure the ASA as a SCEP proxy for remote access VPN
  • Configure access control policies to implement your security policy across all classes of VPN
  • Use Dynamic Access Policies (DAP) to adapt a remote user's VPN policy to the user's current situation
  • Implement High Availability and scalability features for Cisco ASA VPN solutions

Audience

 

  • Anyone who implements and maintains VPN features on the Cisco ASA
  • Those seeking CCNP Security certification

Prerequistes

 

Course Outline

 

1. ASA VPN Architecture and Common Components

  • ASA VPN Subsystem Architecture
  • ASA Software Architecture
  • Implementing Profiles, Group Policies, and User Profiles
  • Implementing PKI Services

2. ASA Remote Access SSL VPN Solutions

  • Basic Clientless SSL VPN
  • Advanced Clientless SSL VPN
  • Advanced Authentication and SSO for Clientless SSL VPN
    • Customizing the Clientless SSL VPN Interface and Portal

3. AnyConnect Remote Access SSL VPN

  • Basic AnyConnect Full Tunnel SSL VPN Solution
  • Advanced AnyConnect Full Tunnel SSL VPN Solution
  • Advanced AAA in AnyConnect Full Tunnel VPNs

4. ASA Remote Access IPSec VPNs

  • Deploying Cisco Remote Access VPN Clients
  • Basic Remote Access IPSec VPN Solutions

5. ASA Site-to-Site VPNs

  • Basic Site-to-Site IPSec VPNs
  • Advanced Site-to-Site IPSec VPNs

6. Endpoint Security and High Availability for ASA VPNs

  • Cisco Secure Desktop and DAP for SSL VPNs
  • High Availability Features in ASA VPNs

Course Labs

 

Lab 1: Enhanced - Licensing, ACS, Public CA

Lab 2: Enhanced - Basic Clientless SSL VPN

Lab 3: Enhanced - Clientless SSL VPN: Thin Apps

Lab 4: Enhanced - Customizations and Auto Sign-On

Lab 5: Enhanced - Basic AnyConnect Full Tunnel SSL VPN

Lab 6: Enhanced - AnyConnect: Centralized Management

Lab 7: Enhanced - Local CA and SCEP Proxy

Lab 8: Enhanced - Remote Access IPSec VPN

Lab 9: Enhanced - IPSec Site-to-Site VPN

Lab 10: Enhanced - Cisco Secure Desktop and Dynamic Access Policies

Lab 11: Enhanced - VPN Server Load Balancing