This dynamic and hands-on intensive 5 day course combines the two latest courses on the ASA: Deploying Cisco ASA Firewall Features (FIREWALL) Version 2.0 (FIREWALL) and Deploying Cisco ASA VPN Solutions (Version 2.0) (VPN). You will receive both Cisco authorized course kits, but only cover the most vital aspects of the Adaptive Security Appliance's firewall and VPN capabilities. This course is a good option for the advanced candidate who wants to learn to support / implement a Cisco ASA but cannot commit the full training time of two weeks to take a CCNP security boot camp.
In the first part of this course, we take a task-oriented approach to teaching the skills to configure, operate and manage the Cisco Adaptive Security Appliance product family. Configurations are performed via ASDM. This course covers important new ASA and PIX Security Appliance 8.0 features, giving you the knowledge and skills to protect network systems from intrusions and security threats. In the second half of this course, you will learn to describe, configure, verify and manage the Cisco ASA Security Appliance product. In this lab-intensive course, you will learn to take the appropriate steps needed to configure the security appliance to identify, alert and defend against attacks. CCNA or CCNA Security Certification are strongly suggested as prerequisites. You must also have experience in configuring Cisco IOS software, basic knowledge of the Windows operating system, and familiarity with networking and security terms and concepts. This course is for network professionals wanting to guarantee the security of their network.
Please note that although the course content is categorized as intermediate, the learning tempo/rate of delivery of the course is advanced. Therefore, we recommend that candidates have a solid theoretical foundation as well as considerable practical experience when considering boot camp enrollment. The days are longer, running from 9 AM til 6 PM, and the instructor may decide to start subsequent days as early as 8 AM.
Located outside our service areas? No problem. We also offer this course in the Live
Online format. If you prefer face-to-face interaction, we offer hotel/airfare packages that are extremely inexpensive. Quite often, we bundle the hotel stay into the cost of the class for no extra charge.
The knowledge and skills you must have before attending this course are as follows:
- Cisco Certified Network Associate (CCNA) certification.
- Cisco Certified Network Associate Security (CCNA Security) certification.
- Working knowledge of the Microsoft Windows operating system.
Who Should Attend
This course is intended for Cisco customers who implement and maintain PIX and ASA Security Appliances as well as networking professionals tasked with ensuring the effective use of Cisco VPN technologies within their networks; Cisco channel partners who sell, implement and maintain PIX and ASA Security Appliances; and Cisco systems engineers who support the sale of PIX and ASA Security Appliances.
Upon completing this course, you will be able to:
- Explain the functions of the three types of firewalls used to secure today's computer networks
- Describe the technology and features of Cisco security appliances
- Given diagrams of networks protected by Cisco Adaptive Security Appliances (ASAs) and Cisco PIX Security Appliances, explain how each appliance protects network devices from attacks and why each is an appropriate choice for the example network
- Bootstrap the security appliance, prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM) and launch and navigate ASDM
- Use ASDM and the CLI to perform essential security appliance configuration
- Use ASDM to configure dynamic and static address translations in the security appliance
- Use ASDM to configure switching and routing on the security appliance
- Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM to configure access control lists, filter malicious active codes and filter URLs to meet the requirements of the security policy
- Use the packet tracer for troubleshooting
- Use ASDM to configure object groups that meet the requirements of the security policy
- Use ASDM to configure AAA as needed to meet the requirements of the security policy
- Use ASDM to configure a modular policy that supports the security policy
- Use ASDM to configure protocol inspection to meet the requirements of the security policy
- Use ASDM and the CLI to configure threat detection to meet the requirements of the security policy
- Use ASDM to configure the security appliance to support a site-to-site VPN that meets the requirements of the security policy
- Use ASDM to configure the security appliance to provide secure connectivity using remote access VPNs
- Configure the security appliance to run in transparent firewall mode as needed to meet the requirements of the security policy
- Enable, configure, and manage multiple contexts as needed to meet the requirements of the security policy
- Select and configure the type of failover that best suits the network topology
- Monitor and manage an installed security appliance
- Configure policy NAT based on traffic type
- Describe the layer 7 modular policy framework for the security appliance and how it is configured
- Describe the layer 7 advanced protocol handling capabilities of modular policy frame and how it is configured.
- Determine the necessary configuration for the ASA 5505 to be a VPN hardware client
- Configure CSD and DAP for SSL VPN connections on the Cisco ASA
- Identify the steps needed to configure, inspect and filter traffic with the Content Security and Control SSM
- Identify the steps needed to configure the security appliance to identify, alert and defend against attacks