SASAA – Implementing Advanced Cisco ASA Security

SASAA - Implementing Advanced Cisco ASA Security

COURSE OUTLINE:

Description

This course provides advanced training on the key Cisco Adaptive Security Appliance (ASA) 9.x features including the following:

Cisco ASA 5500-X Series Next-Generation Firewalls, ASAv, ASA 5506-X, 5508-X, 5516-X and ASA SM and implement new ASA 9.4.1 features
Cisco ASA Identity Firewall policies
Install and Set up the Cisco FirePOWER Services Module (SFR)
Implement Cisco ASA Cloud Web Security
Implement a Cisco ASA cluster
Cisco ASA security group firewall and change of authorization support

Audience

Network administrators, managers, coordinators
Anyone who requires advanced training on the ASA 5500-X
Security technicians, administrators, and engineers

Learning Objectives

Cisco ASA 5500-X Series Next-Generation Firewalls and the Cisco ASA Services Module (ASA SM)
Implement ASA Security Zones and Equal Cost Mulitpathing
Configure ASA 9.3/9.4 new features including: REST API for configuration, Policy Based Routing, ACL Manual Commit and ACL Forward Refernece
Implement the Cisco ASA Identity Firewall Feature, including the use of the Cisco CDA
Implement the Cisco ASA SFR (FirePOWER Services) module
Configure Cisco ASA to integrate with Cisco Cloud Web Security to provide web security and filtering services through an SaaS model
Security Group Access Control (SGACL) feature in Cisco ASA Software 9.0 and later.
Implement a Cisco ASA Cluster feature which allows as many as eight Cisco ASA appliances to be joined in a single cluster

1. Cisco ASA Product Family

ASA 5500-X Next-Generation Firewalls
Cisco ASAv
Implementing ASA 9.3 and 9.4.1 New Features
Cisco ASA SM

2. Cisco ASA Identity Firewall

The Cisco IDFW Solution
Setting Up Cisco CDA
Configuring Cisco CDA
Configuring Cisco ASA IDFW
Troubleshooting Cisco ASA IDFW

3. Cisco ASA FirePOWER (SFR) Module

Installing Cisco ASA FirePOWER Services Module
Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center
The Cisco ASA 5506-X, 5508-X, and 5516-X FirePOWER Services
Configuring ASA Firepower Services v6.0 New Features

4. Cisco ASA Cloud Web Security Integration

Cisco ASA with Cisco Cloud Web Security
Configuring Cisco ASA with Cisco Cloud Web Security
Cisco ASA with Cisco Cloud Web Security
The Web Filtering Policy in Cisco ScanCenter
Cisco Cloud Web Security Advanced Malware Protection and Threat Analytics

5. Cisco ASA Cluster

Cisco ASA Cluster Features
Cisco ASA Cluster Terminology and Data Flows
CLI to Configure a Cisco ASA Cluster
ASDM to Configure a Cisco ASA Cluster
Cisco ASA Cluster Operations
Troubleshooting a Cisco ASA Cluster Operations
Cisco ASA v9.1.4 and later Clustering Features

6. Cisco ASA Security Group Firewall

Introducing Cisco Security Group Tagging
Configuring ASA Security Group Firewall
ASA 9.2.1 and Later Releases SGT Features
ASA 9.2.1 and Later Releases Change of Authorization Support

RELATED COURSES

Technical Training
Cisco

MENPI- Managing Enterprise Networks with Cisco Prime Infrastructure v3.0

In this course, you will learn how to design, deploy, operate, and optimize enterprise networks with the Cisco Prime Infrastructure solution (PI). Cisco Prime Infrastructure is part of a Unified Access solution that converges traditional wired and wireless networks into a single network management tool. The labs, which have been recently updated, put you in a realistic customer scenario and let you practice what you learned using Cisco Prime Infrastructure 3.0. This course network management perspective has a heavier lean to the wired side of the network management.

Note: For the classroom version of this course, laptops are provided for your participation in the hands-on labs. If you desire to use your own laptop, please bring a laptop computer with an Ethernet port as well as an internal wireless NIC, 802.11a/b/g/n. Access to the remote labs requires a browser that supports Java(R) and permissions to open RDP or encrypted (RDP443) RDP sessions. If your browser does not support Java, you will need administrator rights to the laptop to install software.

Technical Training
Cisco

WDBWL – Deploying Cisco Basic Wireless LANs v1.2

In this course, you will learn the basics of how to install, configure, operate, and maintain a wireless network, both as an add-on to an existing wireless LAN (WLAN) and as a new Cisco Unified Wireless Networking solution.

This course will build on WLAN terms, concepts, protocols, architecture, and characteristics introduced in the Defining Cisco Wireless LAN Essentials (WLE) e-learning course. In this course you will investigate the components, features, and deployment aspects of the system. You will have the opportunity to reinforce what you learn with hands-on labs. This course focuses on the essential network elements of a WLAN: the access points (APs) and wireless LAN controllers (WLCs).

This course provides high-level information about the optional but recommended network management and services appliance components of a Cisco Unified Wireless Network-the Cisco Prime Infrastructure (PI) and Mobility Services Engine (MSE)-but does not provide hands-on labs and in-depth coverage of these components. The Cisco management platform and MSE are covered in more depth in a separate course: Managing Cisco Wireless Networks with Prime Infrastructure (MWNPI).

Technical Training
Cisco

UCSID-BC – UCS Implementation and Design Boot Camp v5.0

If you already understand the basics of Cisco UCS (Unified Computing System) Server architecture and want to complete a Cisco UCS based certification, then this is the course for you. This course is entirely focused on giving you as much clarity and foundation as possible to prepare for the DCUCD and DCUCI exams, all in a five-day period.

Once you complete this course, reinforce your knowledge with self-study and finally pass the DCUCD and DCUCI exams you would have completed the requirements for the Cisco Data Center Unified Computing Design Specialist certification.

We will review the core material from the DCUCD and DCUCI courses as well as over 17 labs, all to help you prepare for certification. The lab environment includes a Nexus 5k Core, a pair of Fabric Interconnects, both B-Series and C-Series Servers, Microsoft Hyper-V (2008 or 2012), VMware vSphere (v4.x or 5.x), the Cisco Nexus 1000v and Cisco UCS Manager VM-FEX.

If you have a need to back-up your knowledge with certification but cannot dedicate as much as 9 days in 2 separate classes then this course is a perfect fit for you and your schedule.

The course hours are 8:00am – 6:00pm each day so that you can receive the most complete training experience possible and to ensure you have time to absorb and fully grasp the in-depth content that will be covered.

In this course, you will receive:

Free exam voucher for DCUCI 5.0
Free exam voucher for DCUCD 5.0

Technical Training
Cisco

DCUCI – Data Center Unified Computing Implementation v5.0

In this course, you will learn to rack installations, provision server hardware, and direct operating systems or hypervisor installations. Significant content is devoted to management, maintenance, and troubleshooting. You will review Cisco data center virtualization solutions and how to execute a virtualization solution based on a detailed implementation plan.

The course follows an actual implementation workflow providing hands-on practice by configuring the most recent Cisco Unified Computing System (UCS) solutions, including Cisco UCS B-Series, Cisco UCS C-Series, VMware’s vSphere and Cisco Nexus 1000v v1.5.x and 2.2.x product families.

This newly updated course designed the hands-on labs around UCS Manager v2.2(1d), vSphere v5.0, 5.1, and v5.5, and VM-FEX and VM-FEX with Pass-Thru Switching. Current and prospective data center administrators will gain a better understanding of Cisco UCS B-Series and C-Series components, including systems architecture, installation, and administration. You will focus on the individual components of a complete solution and the installation, configuration, and maintenance of a Cisco UCS installation in various types of environments. Hands-on configuration labs throughout the course will reinforce the information given in lecture as you build a complete solution.