SASAA – Implementing Advanced Cisco ASA Security

SASAA - Implementing Advanced Cisco ASA Security

COURSE OUTLINE:

Description

This course provides advanced training on the key Cisco Adaptive Security Appliance (ASA) 9.x features including the following:

Cisco ASA 5500-X Series Next-Generation Firewalls, ASAv, ASA 5506-X, 5508-X, 5516-X and ASA SM and implement new ASA 9.4.1 features
Cisco ASA Identity Firewall policies
Install and Set up the Cisco FirePOWER Services Module (SFR)
Implement Cisco ASA Cloud Web Security
Implement a Cisco ASA cluster
Cisco ASA security group firewall and change of authorization support

Audience

Network administrators, managers, coordinators
Anyone who requires advanced training on the ASA 5500-X
Security technicians, administrators, and engineers

Learning Objectives

Cisco ASA 5500-X Series Next-Generation Firewalls and the Cisco ASA Services Module (ASA SM)
Implement ASA Security Zones and Equal Cost Mulitpathing
Configure ASA 9.3/9.4 new features including: REST API for configuration, Policy Based Routing, ACL Manual Commit and ACL Forward Refernece
Implement the Cisco ASA Identity Firewall Feature, including the use of the Cisco CDA
Implement the Cisco ASA SFR (FirePOWER Services) module
Configure Cisco ASA to integrate with Cisco Cloud Web Security to provide web security and filtering services through an SaaS model
Security Group Access Control (SGACL) feature in Cisco ASA Software 9.0 and later.
Implement a Cisco ASA Cluster feature which allows as many as eight Cisco ASA appliances to be joined in a single cluster

1. Cisco ASA Product Family

ASA 5500-X Next-Generation Firewalls
Cisco ASAv
Implementing ASA 9.3 and 9.4.1 New Features
Cisco ASA SM

2. Cisco ASA Identity Firewall

The Cisco IDFW Solution
Setting Up Cisco CDA
Configuring Cisco CDA
Configuring Cisco ASA IDFW
Troubleshooting Cisco ASA IDFW

3. Cisco ASA FirePOWER (SFR) Module

Installing Cisco ASA FirePOWER Services Module
Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center
The Cisco ASA 5506-X, 5508-X, and 5516-X FirePOWER Services
Configuring ASA Firepower Services v6.0 New Features

4. Cisco ASA Cloud Web Security Integration

Cisco ASA with Cisco Cloud Web Security
Configuring Cisco ASA with Cisco Cloud Web Security
Cisco ASA with Cisco Cloud Web Security
The Web Filtering Policy in Cisco ScanCenter
Cisco Cloud Web Security Advanced Malware Protection and Threat Analytics

5. Cisco ASA Cluster

Cisco ASA Cluster Features
Cisco ASA Cluster Terminology and Data Flows
CLI to Configure a Cisco ASA Cluster
ASDM to Configure a Cisco ASA Cluster
Cisco ASA Cluster Operations
Troubleshooting a Cisco ASA Cluster Operations
Cisco ASA v9.1.4 and later Clustering Features

6. Cisco ASA Security Group Firewall

Introducing Cisco Security Group Tagging
Configuring ASA Security Group Firewall
ASA 9.2.1 and Later Releases SGT Features
ASA 9.2.1 and Later Releases Change of Authorization Support

RELATED COURSES

Technical Training
Cisco

DCUFI – Implementing Cisco Data Center Unified Fabric v5.0

In this course, you will learn about the key components and procedures needed to install, configure, and manage the Cisco Nexus 7000, 5000, and 2000 Series switches and MDS Series switches in the network and SAN environment.

Our enhanced Cisco labs include extra exploration, configuration, and troubleshooting with a focus on NX-OS-specific features. Labs for this course are based on:

Nexus 7000 NX-OS version 6.1(2)
Nexus 5000 NX-OS version 5.2(1)
Data Center Network Manager version 6.1(2)

Technical Training
Cisco

Building Scalable Cisco Internetworks

This comprehensive Cisco Authorized course will teach students the complex concepts and commands necessary to configure Cisco routers for scalable operation in large and/or growing internetworks. This course will also help students prepare for the CCNP and CCIP certifications.

Technical Training
Cisco

Implementing Cisco Unity Connection

This 4 day course is designed to provide the learner with the knowledge to implement, integrate, and administer and manage Cisco Unity Connection release 7.0.

Technical Training
Cisco

Designing Cisco Storage Networking Solutions

DCSNS enables the student to design enterprise Cisco MDS 9000 solutions that include core Fibre Channel SANs, iSCSI for mid-range applications, and SAN extension solutions. This course replaces CMSNF and CSDE. It includes SAN-OS 2.1, 3.0 and basic IP networking.