Cisco ASA Essentials- Implementing Cisco ASA Security Features with FirePower Integration
Cisco ASA Essentials- Implementing Cisco ASA Security Features with FirePower Integration Course Details:
This course provides advanced training on the key Cisco ASA features including the following:
- Describe the Cisco ASA 5500-X Basic Connectivity and Device Management
- Access Control and Troubleshooting
- MPF Basic Application
- Clientless SSL VPN
- Full Client AnyConnect VPN
- Active-Standby HA and Cluster
- Install and Set up the Cisco FirePOWER Services Module (SFR)
- Configuring and Testing ASA SFR
No classes are currenty scheduled for this course.
Call (919) 283-1674 to get a class scheduled online or in your area!
Module 1: Evaluating Cisco ASA Adaptive Security Appliance Technologies
- Firewall Technologies
Module 2: Basic Connectivity and Device Management
- Managing the Cisco ASA Boot Process
- Managing the Cisco ASA Adaptive Security Appliance Using CLI
- Managing the Cisco ASA Using Cisco ASDM
- Navigating Basic Cisco ASDM Features
- Managing the Cisco ASA Basic Upgrade
- Managing Cisco ASA Security Levels
- Configuring and Verifying Basic Connectivity Parameters
- Troubleshooting Basic Connectivity
Module 3: Cisco ASA Policy Control
- Cisco MPF Overview
- Configuring and Verifying Layer 3 and Layer 4 Policies
Module 4: Cisco ASA VPN Common Components
- VPN Definition
- Key Threats to WANs and Remote Access
- VPN Types
- Cisco ASA VPN Policy Configuration
- Cisco ASA Connection Profiles
- Cisco ASA VPN AAA and External Policy Storage
- Cisco ASA User attributes
- Access Control Methods
- VPN Accounting Using Externals Servers
- Dynamic Access Policy for SSL VPN
- Using PKI
- Provisioning Server-Side Certificates on the Cisco ASA Adaptive Security Appliance
- CA Servers
- Deploying Client-Based Certificate Authentication
- SCEP Proxy Operation
- Enable Certificate Authentication in Connection Profile
- Configuring Certificate-to-Connection Profile Mappings
Module 5: Cisco Clientless VPN
- Cisco Clientless SSL VPN
- Cisco Clientless SSL VPN Use Cases
- Cisco Clientless SSL VPN Resource Access Methods
- Secure Sockets Layer and Transport Layer Security
- SSL Session Setup and Key Management
- SSL Server Authentication
- SSL Client Authentication
- SSL Transmission Protection
- Basic Cisco Clientless SSL VPN
- Server Authentication in Basic Clientless SSL VPN
- Client-side Authentication in Basic Clientless SSL VPN
- Clientless SSL VPN URL Entry and Bookmarks
- Basic Access Control for Clientless SSL VPN
- Disabling Content Rewriting
- Basic Clientless SSL VPN Configuration Tasks
- Basic Clientless SSL VPN Configuration Scenario
- Configuring Basic Cisco Clientless SSL VPN
- Verify Basic Cisco Clientless SSL VPN
- Troubleshooting Basic Clientless SSL VPN Operations
- Cisco Clientless SSL VPN Application Access Overview
- Application Plug-Ins
- Configuring Application Plug-ins
- Verify Clientless SSL VPN Application Plug-Ins
- Troubleshooting Clientless SSL VPN Application Plug-Ins
- Smart Tunnels
- Configuring Smart Tunnels
- Verifying Smart Tunnels
- Troubleshoot Smart Tunnels
- Client-side Authentication Options
- Client-side Authentication and Authorization Using AAA Server
- Double Client-side Authentication Using AAA Servers
Module 6: Cisco AnyConnect Full Tunnel VPN Solution
- Basic Cisco AnyConnect SSL VPN
- SSL VPN Clients Authentication
- SSL VPN Clients IP Address Assignment
- SSL VPN Split Tunneling
- Configuration Scenario
- Configuration Tasks
- Enable AnyConnect SSL VPN
- Define IP Address Pool
- Configure Identity NAT
- Configure Group Policy
- Configure Group Policy: Split Tunneling
- Configure Connection Profile
- Monitor AnyConnect VPN on Client
- Monitor AnyConnect VPN on Server
- Cisco AnyConnect SSL VPN Solution Components
- DTLS Overview
- Parallel DTLS and TLS Tunnels
- Configure DTLS
- Verify DTLS
- Cisco AnyConnect Client Configuration Management
- Managing Cisco AnyConnect Software from Cisco ASA
- Cisco AnyConnect Client Operating System Integration Options
- Deploying Cisco AnyConnect Trusted Network Detection
- Cisco AnyConnect Start Before Logon
- Deploying Cisco AnyConnect Start Before Logon
- Cisco AnyConnect Advanced Authentication Scenarios
- Certificate-Based Server Authentication
- Client Enrollment Methods
- Methods for Revoking Credentials
- Enable Certificate-Based Authentication
- Enable Two-Factor Authentication
- Two-Factor Authentication with Name Pre-Fill
- Local Authorization Overview
- Local Authorization Configuration Procedure
- Configure Local Authorization
- Verify Local Authorization
- External Authorization Scenario
- Configure Authorization Using LDAP/AD
- Verify External Authorization
- Troubleshooting Cisco AnyConnect VPN
- AnyConnect Support for IKEv2
- Internet Key Exchange v1 and v2
- Making IPsec the Primary Protocol for a Host Entry
- IKEv2 Configuration Procedure
- Configure a Cisco AnyConnect IPsec VPN on a Cisco ASA
- Verify and Troubleshoot Cisco AnyConnect IPsec VPN on Cisco ASA
Module 7: Cisco ASA High Availability
- Configuring Cisco ASA Active / Standby Failover High Availability
- Configuring and Verifying Active / Standby Failover
- Tuning and Managing Active / Standby Failover
- Remote Command Execution
- Troubleshooting Active / Standby Failover
Module 8: Cisco ASA FirePower (SFR) Module
- Describing Cisco ASA Cluster Features
- Cluster Performance Figures and Supported Platforms
- Cluster Data-Interface Modes
- Cluster Data-Interface Connections
- CCL Functions
- Cluster Master and Slave Unit Election
- Centralized, Distributed and Unsupported Cisco ASA Features
- Cluster Dynamic-Routing Operations
- Cluster NAT and PAT Operations
Module 9: Cisco ASA FirePower (SFR) Module
- Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center
- Configuring ASA Firepower Services v6.0 New Features
*Please Note: Course Outline is subject to change without notice. Exact course outline will be provided at time of registration.
- An overview of the Cisco ASA 5500-X Series Basic Connectivity and Device Management
- Implement ASA Access Control and Troubleshooting
- Configure ASA MPF Basic Application
- How to implement Cisco ASA Basic Clientless VPN
- How to implement Cisco ASA Advanced AnyConnect SSL VPN
- How to implement Cisco IPsec Remote Access VPN
- How to implement Cisco Active-Standby HA
- How to implement a Cisco ASA Cluster feature which allows as many as eight Cisco ASA appliances to be joined in a single cluster
- How to implement the Cisco ASA SFR (FirePOWER Services) module, including key functions of FirePOWER Management Center integration, Access Control Policy, Intrusion Prevention Policy, File Policy, Network Discovery Policy, Application Detection Policy, Active Directory Integration, User Based Access Control. DNS Policy, URL Policy, and SSL Policy
- Lab 1: Basic Connectivity and Device Management
- Lab 2: Access Control and Troubleshooting
- Lab 3: MPF Basic Application
- Lab 4: Basic Clientless SSL VPN
- Lab 5: Basic AnyConnect SSL VPN
- Lab 6: Advanced AnyConnect SSL VPN
- Lab 7: IPsec Remote Access VPN
- Lab 8: IKEv1 Site-to-Site : ASA-IOS
- Lab 9 (Odd Pod): Active Standby HA
- Lab 10 (Even Pod): Active Standby HA
- Lab 11: Implement Cisco ASA Clustering
- Lab 12: Installing and Configuring ASA SFR
- Lab 13: Configure and Test FMC
Suggested that you have the knowledge of CCNA-Implementing and Administering Cisco Solutions
- Network administrators, managers, coordinators
- Anyone who requires advanced training on the ASA 5500-X
- Security technicians, administrators, and engineers