ASA Firewall Boot Camp (VPN / FIREWALL)(ASAFIRE)

This course is given on these dates and locations:

In the first part of this course, we take a task-oriented approach to teaching the skills to configure, operate, and manage the Cisco Adaptive Security Appliance product family. Configurations are performed via ASDM. This course covers important new ASA and PIX Security Appliance 8.0 features giving students the knowledge and skills to protect network systems from intrusions and security threats.  In the second half of this course, students will learn to describe, configure, verify, and manage the Cisco ASA Security Appliance product.  In this lab-intensive course, students will learn to take the appropriate steps needed to configure the security appliance to identify, alert, and defend against attacks.  CCNA or CCNA Security Certification strongly suggested as prerequisites.  Students must also have experience in configuring Cisco IOS software, basic knowledge of the Windows operating system, and familiarity with networking and security terms and concepts.  This course is for network professionals wanting to guarantee the security of their network.

Please note that although the course content is categorized as intermediate, the learning tempo/rate of delivery of the course is advanced.  Therefore, we recommend that candidates have a solid theoretical foundation as well as considerable practical experience when considering boot camp enrollment.

CCNA strongly recommended.  Suggested ICND1 and SND.                                                                                                                                                                                                                        

This is an advanced course for Cisco customers who implement and maintain PIX and ASA Security Appliances as well as networking professionals tasked with ensuring the effective use of Cisco VPN technologies within their networks; Cisco channel partners who sell, implement, and maintain PIX and ASA Security Appliances; and Cisco systems engineers who support the sale of PIX and ASA Security Appliances.
 

• Explain the functions of the three types of firewalls used to secure today's computer networks
• Describe the technology and features of Cisco security appliances
• Given diagrams of networks protected by Cisco Adaptive Security Appliances (ASAs) and Cisco PIX Security Appliances, explain how each appliance protects network devices from attacks and why each is an appropriate choice for the example network
• Bootstrap the security appliance, prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM), and launch and navigate ASDM
• Use ASDM and the CLI to perform essential security appliance configuration
• Use ASDM to configure dynamic and static address translations in the security appliance
• Use ASDM to configure switching and routing on the security appliance
• Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM to configure access control lists, filter malicious active codes, and filter URLs to meet the requirements of the security policy
• Use the packet tracer for troubleshooting
• Use ASDM to configure object groups that meet the requirements of the security policy
• Use ASDM to configure AAA as needed to meet the requirements of the security policy
• Use ASDM to configure a modular policy that supports the security policy
• Use ASDM to configure protocol inspection to meet the requirements of the security policy
• Use ASDM and the CLI to configure threat detection to meet the requirements of the security policy
• Use ASDM to configure the security appliance to support a site-to-site VPN that meets the requirements of the security policy
• Use ASDM to configure the security appliance to provide secure connectivity using remote access VPNs
• Configure the security appliance to run in transparent firewall mode as needed to meet the requirements of the security policy
• Enable, configure, and manage multiple contexts as needed to meet the requirements of the security policy
• Select and configure the type of failover that best suits the network topology
• Monitor and manage an installed security appliance
• Configure policy NAT based on traffic type.
• Describe the layer 7 modular policy framework for the security appliance and how it is configured.
• Describe the layer 7 advanced protocol handling capabilities of modular policy frame and how it is configured.
• Determine the necessary configuration for the ASA 5505 to be a VPN hardware client.
• Configure CSD and DAP for SSL VPN connections on the Cisco ASA.
• Identify the steps needed to configure, inspect, and filter traffic with the Content Security and Control SSM.
• Identify the steps needed to configure the security appliance to identify, alert, and defend against attacks.

• Introducing Cisco Security Appliance Technology and Features
• Introducing the Cisco ASA and PIX Security Appliance Families
• Getting Started with Cisco Security Appliances
• Configuring a Security Appliance
• Configuring Translations and Connection Limits
• Using ACLs and Content Filtering
• Configuring Object Grouping
• Switching and Routing on Cisco Security Appliances
• Configuring AAA for Cut-Through Proxy
• Configuring the Cisco Modular Policy Framework
• Configuring Advanced Protocol Handling
• Configuring Threat Detection
• Configuring Site-to-Site VPNs Using Pre-Shared Keys
• Configuring Security Appliance Remote-Access VPNs
• Configuring the Cisco ASA Security Appliance for SSL VPN
• Configuring Transparent Firewall Mode
• Configuring Security Contexts
• Configuring Failover
• Managing the Security Appliance
• Configuring the ASA 5505 dual-ISP support
• Configuring ASA 5505 VLANs
• Configuring policy NAT
• Installing and configuring the Cisco Secure Desktop
• Configuring the security appliance to pass multicast traffic
• Configuring Layer 7 class maps and policy maps
•  Initializing the AIP-SSM and CSC-SSM