Deploying Cisco ASA Firewall Features

This course is already delivered, please contact us for the next available session tel:+357 22 44 14 92
Course Outline in PDF

Overview:

It is a five-day instructor-led course that is aimed at providing network security engineers with the knowledge and skills that are needed to implement and maintain perimeter solutions that are based on Cisco ASA security appliances. At the end of the course, students will be able to reduce risk to their IT infrastructure and applications using Cisco ASA security appliance features, and provide detailed operations support for the Cisco ASA security appliance.

Who Should Attend:

The primary audience for this course is as follows:
•Network Security Engineers (NSEs) involved in firewall design, implementation and maintenance.
•Cisco customers who implement and maintain Cisco ASA (adaptive security appliance) based perimeter solutions.
The secondary audience for this course is as follows:
•Cisco channel partners who sell, implement, and maintain Cisco ASA security appliances
•Cisco engineers who support the sale of Cisco ASA security appliances

At Course Completion:

Upon completing this course, the learner will be able to meet these overall objectives:
•Evaluate the basic firewall technology, features, hardware models, and licensing options of
•the Cisco ASA security appliance
•Implement and troubleshoot basic Cisco ASA security appliance connectivity and device
•management plane features
•Configure and verify Cisco ASA security appliance network integration
•Configure and verify Cisco ASA security appliance policy
•Configure and verify high availability and virtualization on Cisco ASA security appliances
 
Outline:

Module 1: Cisco ASA Adaptive Security Appliance Introduction

Lesson 1: Introducing Cisco ASA Adaptive Security Appliance Technologies
•Describe the concepts of a firewall and of network segmentation into security domains
•Describe and evaluate technologies that you can use for firewall systems
•Describe the Cisco ASA security appliance firewall and VPN-related access control features using case studies

Lesson 2: Identifying the Cisco ASA Adaptive Security Appliance Families
•Choose appropriate Cisco ASA security appliance hardware
•Evaluate and choose appropriate Cisco ASA security service modules

Lesson 3: Identifying Cisco ASA Adaptive Security Appliance Licensing Options
•Choose the appropriate Cisco ASA security appliance licensing
•Identify requirements that are model specific for licensing on the Cisco ASA security appliance

Module 2: Basic Connectivity and Device Management

Implement and troubleshoot basic Cisco ASA security appliance connectivity and device management plane features

Lesson 1: Preparing the Cisco ASA Adaptive Security Appliance for Network Integration
•Explain the Cisco ASA security appliance boot process
•Use the Cisco ASA security appliance CLI to configure the appliance
•Describe the Cisco ASDM and its operating requirements
•Configure the Cisco ASA security appliance using the Cisco ASDM
•Upgrade the Cisco ASA security appliance when no firewall configuration is present
Lab 2-1: Preparing the Cisco ASA Adaptive Security Appliance for Network Integration

Lesson 2: Managing Basic Cisco ASA Adaptive Security Appliance Network Settings
•Configure Cisco ASA security appliance network interface security levels
•Configure and verify network interface parameters on Cisco ASA security appliances
•Configure and verify VLANs on Cisco ASA security appliances
•Configure a default route for Internet access
•Configure and verify the DHCP server feature on Cisco ASA security appliances
•Troubleshoot basic connectivity on Cisco ASA security appliances
Lab 2-2: Configuring the Cisco ASA Adaptive Security Appliance for Secure Network Integration

Lesson 3: Configuring Cisco ASA Adaptive Security Appliance Device Management Features
•Configure and verify basic management settings on Cisco ASA security appliances
•Describe file system and configuration management on Cisco ASA security appliances
•Manage image upgrades and activation keys
•Configure and verify time settings and support for NTP on Cisco ASA security appliances
•Configure and verify logging settings and NetFlow on Cisco ASA security appliances
•Configure and verify remote management channels on Cisco ASA security appliances
•Configure and verify AAA for management access on Cisco ASA security appliances
•Troubleshoot management access that failed to the Cisco ASA security appliance
Lab 2-3: Configuring Management Features

Module 3: Network Integration

Configure and verify Cisco ASA security appliance network integration

Lesson 1: Configuring Cisco ASA Adaptive Security Appliance NAT Features
•Explain how to manage NAT on Cisco ASA Software Version 8.2 and earlier
•Describe the NAT functions on Cisco ASA Software Versions 8.3 and later
•Configure NAT on the Cisco ASA security appliance using object (auto) NAT
•Configure NAT on the Cisco ASA security appliance using manual NAT
•Tune and troubleshoot NAT on the Cisco ASA security appliance using the Cisco ASDM and CLI tools
Lab 3-1: Configuring NAT

Lesson 2: Configuring Cisco ASA Adaptive Security Appliance Basic Access Control Features
•Describe the connection table, the local host table, connection objects, and local host objects
•Configure and verify interface ACLs on Cisco ASA security appliances
•Configure and verify global ACLs on the Cisco ASA security appliance
•Configure and verify object groups on Cisco ASA security appliances
•Configure and verify public servers on Cisco ASA security appliances using Cisco ASDM
•Configure and verify other basic access controls, such as uRPF and shun, on Cisco ASA security appliances
•Troubleshoot ACLs on Cisco ASA security appliances
Lab 3-2: Configuring Basic Cisco Access Control Features

Lesson 3: Configuring Cisco ASA Adaptive Security Appliance Routing Features
•Configure and verify static routing on Cisco ASA security appliances
•Discuss dynamic routing support on Cisco ASA security appliances
•Configure and verify EIGRP on Cisco ASA security appliances
•Evaluate multicast support on Cisco ASA security appliances

Lesson 4: Configuring the Cisco ASA Adaptive Security Appliance Transparent Firewall
•Evaluate transparent mode features and plan the deployment of transparent mode on Cisco ASA security appliances
•Configure and verify transparent mode on Cisco ASA security appliances
•Configure and verify Layer 3 through Layer 7 access controls in transparent firewall mode
•Configure and verify Layer 2 access controls in transparent firewall mode
•Troubleshoot transparent firewall on Cisco ASA security appliances
Lab 3-3: Configuring Transparent Firewall (Optional)

Module 4: Cisco ASA Adaptive Security Appliance Policy Control

Configure and verify Cisco ASA security appliance policy

Lesson 1: Defining the Cisco ASA Adaptive Security Appliance MPF
•Plan the deployment of the Cisco MPF on the Cisco ASA security appliance
•Configure and verify OSI Layer 3 and Layer 4 policies on the Cisco ASA security appliance
•Configure and verify a management traffic policy on the Cisco ASA security appliance

Lesson 2: Configuring Cisco ASA Adaptive Security Appliance Connection Policy and QoS Settings
•Describe the Cisco ASA security appliance basic stateful inspection tuning options
•Tune OSI Layer 3 and Layer 4 inspection policy on the Cisco ASA security appliance
•Configure and verify connection settings using MPF on the Cisco ASA security appliance
•Configure and verify support for dynamic protocols using MPF on the Cisco ASA security appliance
•Configure support for the Botnet Traffic Filter on the Cisco ASA security appliance
•Configure QoS support on the Cisco ASA security appliance
•Troubleshoot OSI Layer 3 and Layer 4 inspection policy on the Cisco ASA security appliance
Lab 4-1: Configuring MPF, Basic Stateful Inspections, and QoS

Lesson 3: Configuring Cisco ASA Adaptive Security Appliance Advanced Application Inspections
•Introduce Layer 5 to Layer 7 application inspection on the Cisco ASA security appliance
•Configure and verify application inspection of HTTP traffic
•Configure and verify application inspection of FTP traffic
•Describe support for other Layer 5 to Layer 7 application policy enforcement on the Cisco ASA security appliance
•Troubleshoot application layer inspection on Cisco ASA security appliances
Lab 4-2: Configuring MPF Advanced Application Inspections

Lesson 4: Configuring Cisco ASA Adaptive Security Appliance User-Based Policies
•Plan the deployment of user-based access control on the Cisco ASA security appliance
•Configure and verify cut-through authentication on the Cisco ASA security appliance
•Configure authentication prompts and timeouts on the Cisco ASA security appliance
•Configure and verify cut-through authorization on the Cisco ASA security appliance
•Configure and verify cut-through accounting on the Cisco ASA security appliance
•Troubleshoot cut-through proxy operations on the Cisco ASA security appliance
Lab 4-3: Configuring Cut-Through Proxy

Module 5: Cisco ASA Adaptive Security Appliance High Availability and Virtualization

Configure and verify high availability and virtualization on Cisco ASA security appliances

Lesson 1: Configuring Cisco ASA Adaptive Security Appliance Interface Redundancy Features
•Configure and verify EtherChannel on the Cisco ASA security appliance
•Configure and verify redundant interfaces on the Cisco ASA security appliance
•Troubleshoot redundant interfaces on the Cisco ASA security appliance

Lesson 2: Configuring Cisco ASA Active/Standby High Availability
•Describe active/standby failover and plan the deployment of failover on the Cisco ASA security appliance
•Configure and verify active/standby failover on the Cisco ASA security appliance
•Tune and manage active/standby failover on the Cisco ASA security appliance
•Describes remote command execution when using the Cisco ASA security appliance in failover configuration
•Troubleshoot active/standby failover on the Cisco ASA security appliance
Lab 5-1: Configuring Active/Standby High Availability

Lesson 3: Configuring Security Contexts on the Cisco ASA Adaptive Security Appliance
•Describe security contexts and plan the deployment of security contexts on the Cisco ASA security appliance
•Configure security contexts on the Cisco ASA security appliance
•Verify and manage security contexts on the Cisco ASA security appliance
•Configure and verify resource management on the Cisco ASA security appliance
•Troubleshoot the operation of the Cisco ASA in multi-context mode

Lesson 4: Configuring Cisco ASA Active/Active High Availability
•Describe active/active failover and plan the deployment of failover on the Cisco ASA security appliance
•Configure and verify active/active failover on the Cisco ASA security appliance
•Tune active/active failover on the Cisco ASA security appliance
•Troubleshoot active/active failover on the Cisco ASA security appliance
Lab 5-2: Configuring Active/Active High Availabilit

sd sd sd sd sd sd sd sd sd sd sd sd