SASAA – Implementing Advanced Cisco ASA Security

SASAA - Implementing Advanced Cisco ASA Security

COURSE OUTLINE:

Description

This course provides advanced training on the key Cisco Adaptive Security Appliance (ASA) 9.x features including the following:

Cisco ASA 5500-X Series Next-Generation Firewalls, ASAv, ASA 5506-X, 5508-X, 5516-X and ASA SM and implement new ASA 9.4.1 features
Cisco ASA Identity Firewall policies
Install and Set up the Cisco FirePOWER Services Module (SFR)
Implement Cisco ASA Cloud Web Security
Implement a Cisco ASA cluster
Cisco ASA security group firewall and change of authorization support

Audience

Network administrators, managers, coordinators
Anyone who requires advanced training on the ASA 5500-X
Security technicians, administrators, and engineers

Learning Objectives

Cisco ASA 5500-X Series Next-Generation Firewalls and the Cisco ASA Services Module (ASA SM)
Implement ASA Security Zones and Equal Cost Mulitpathing
Configure ASA 9.3/9.4 new features including: REST API for configuration, Policy Based Routing, ACL Manual Commit and ACL Forward Refernece
Implement the Cisco ASA Identity Firewall Feature, including the use of the Cisco CDA
Implement the Cisco ASA SFR (FirePOWER Services) module
Configure Cisco ASA to integrate with Cisco Cloud Web Security to provide web security and filtering services through an SaaS model
Security Group Access Control (SGACL) feature in Cisco ASA Software 9.0 and later.
Implement a Cisco ASA Cluster feature which allows as many as eight Cisco ASA appliances to be joined in a single cluster

1. Cisco ASA Product Family

ASA 5500-X Next-Generation Firewalls
Cisco ASAv
Implementing ASA 9.3 and 9.4.1 New Features
Cisco ASA SM

2. Cisco ASA Identity Firewall

The Cisco IDFW Solution
Setting Up Cisco CDA
Configuring Cisco CDA
Configuring Cisco ASA IDFW
Troubleshooting Cisco ASA IDFW

3. Cisco ASA FirePOWER (SFR) Module

Installing Cisco ASA FirePOWER Services Module
Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center
The Cisco ASA 5506-X, 5508-X, and 5516-X FirePOWER Services
Configuring ASA Firepower Services v6.0 New Features

4. Cisco ASA Cloud Web Security Integration

Cisco ASA with Cisco Cloud Web Security
Configuring Cisco ASA with Cisco Cloud Web Security
Cisco ASA with Cisco Cloud Web Security
The Web Filtering Policy in Cisco ScanCenter
Cisco Cloud Web Security Advanced Malware Protection and Threat Analytics

5. Cisco ASA Cluster

Cisco ASA Cluster Features
Cisco ASA Cluster Terminology and Data Flows
CLI to Configure a Cisco ASA Cluster
ASDM to Configure a Cisco ASA Cluster
Cisco ASA Cluster Operations
Troubleshooting a Cisco ASA Cluster Operations
Cisco ASA v9.1.4 and later Clustering Features

6. Cisco ASA Security Group Firewall

Introducing Cisco Security Group Tagging
Configuring ASA Security Group Firewall
ASA 9.2.1 and Later Releases SGT Features
ASA 9.2.1 and Later Releases Change of Authorization Support

RELATED COURSES

Technical Training
Cisco

SASAC – Implementing Core Cisco ASA Security v1.0

This enhanced course contains added depth to the standard labs, using a topology that simulates a typical production network. You’ll use ASA 5515 appliances to work through configuring access control to and from your network.

Additionally, the PC systems and server systems are an integral part of the lab environment. Here you will use Windows 8, Windows Server 2012, and Kali Linux to manage, test, and even attack your lab network using real-world operating systems and applications.

Technical Training
Cisco

Implementing Cisco Unified Communications Manager V 7.0 Features

The course Upgrading to Cisco Unified Communications Manager 7.0 (UCM70) provides the knowledge and experience necessary to migrate from a Cisco Unified CallManager 4.x or Cisco Unified Communications Manager 5.x and 6.x to a Cisco Unified Communications Manager 7.0. The course shows the differences between the various versions of Cisco Unified Communications Manager compared with new Cisco Unified Communications Manager 7.0. New Cisco Unified Communications Manager features, like Global Transformations, E.164 Support, Local Route Groups and enhancements like in Cisco Unified Mobility are explained.

Technical Training
Cisco

WITSHOOT – Troubleshooting Cisco Wireless Enterprise Networks v1.1

In this course, you will learn how to troubleshoot Cisco wireless networks. In addition, you will learn about the guidelines for troubleshooting Wi-Fi architectures of Cisco wireless components. Hands-on labs are designed to reinforce concepts such as troubleshooting Cisco AireOS Release 8.0, Cisco Prime Infrastructure Release 2.2, and Cisco Identity Services Engine (Cisco ISE) Release 1.3 features.

Cisco CCNP Wireless certification addresses the need for designing, implementing, and operating Cisco Wireless networks and mobility infrastructures. CCNP Wireless certification emphasizes wireless networking principles and theory.

Note: For the classroom version of this course, laptops are provided to participate in the hands-on labs.ï¿½If you are attending the virtual version or desire to use your own laptop, please bring a laptop computer with an Ethernet port as well as an internal wireless NIC, 802.11a/b/g/n. Access to the remote labs requires a browser that supports Java and permissions to open RDP or encrypted (RDP443) RDP sessions.ï¿½If your browser does not support Java, you will need administrator rights to the laptop to install the software.

ï¿½

Technical Training
Cisco

Introducing Cisco Data Center Networking (DCICN) v6.0

In this course, you will learn about the primary technologies that are used in the Cisco Data Center. The introductory level of knowledge that is taught in this course is targeted for individuals that will perform only the more basic configuration tasks.