Cisco ASA Lab Camp v9.5

Based on our enhanced SASAC v1.0 and SASAA v1.2 courses, this exclusive, lab-based course, provides you with your own set of equipment and is designed to provide you with the most Adaptive Security Appliance (ASA) 9.x and ASA CX-based lab experience possible in just five days. This course provides 30 different lab scenarios using Cisco equipment such as: ASA v9.x, ASA 5515 NGFW (Next-Generation Firewall CX), Access Control Server (ACS 5.4), Context Directory Agent (CDA), Catalyst switch, Integrated Services Router (ISR), and ASA 55x5.

Retail Price: $5,095.00

Next Date: Request Date

Course Days: 5


Request a Date

Request Custom Course


About this Course

Based on our enhanced SASAC v1.0 and SASAA v1.2 courses, this exclusive, lab-based course, provides you with your own set of equipment and is designed to provide you with the most Adaptive Security Appliance (ASA) 9.x and ASA CX-based lab experience possible in just five days. This course provides 30 different lab scenarios using Cisco equipment such as: ASA v9.x, ASA 5515 NGFW (Next-Generation Firewall CX), Access Control Server (ACS 5.4), Context Directory Agent (CDA), Catalyst switch, Integrated Services Router (ISR), and ASA 55x5.

A typical day will begin with an informal white board lecture by the instructor, covering topics associated with the day's labs. Afterwards, you will be free to work on the labs at your own pace and to experiment in the lab environment. Of course, the instructor will remain available to assist as needed.

ASA 9.x labs can be run in any order, any number of times. ASA-CX labs will be run consecutively. With the exception of two labs that require two pods to work together, no coordination with other students is necessary.

Audience Profile

Primary audience for this course are:

Network engineers supporting Cisco ASA 9.x implementations

At Course Completion

Upon course completion, students will be able to:

  • Fundamental ASA Configuration from the CLI and ASDM
  • Administrative Access using AAA, TACACS+ and Cisco ACS 5.x
  • Object (Auto) NAT and Manual (Twice) NAT
  • Access Control and Troubleshooting Tools
  • Application Inspection and Control (Deep Packet Inspection)
  • Bootstrapping and configuring CX and IPS software modules
  • Deploying Cisco Context Directory Agent (CDA) with Active Directory
  • Features of Cisco ASA 5500-X Series Next-Generation Firewalls (NGFW ASA CX)
  • SFR (FirePOWER Services) software module integration using FireSIGHT Management Center and access control, intrusion prevention, file policy, network discovery, Active Directory integration, and user based access control
  • CX software module integration using Prime Security Manager (PRSM)
  • CX access policies for URL and application filtering
  • CX identity policies using active and passive authentication
  • CX decryption policies
  • Cloud Web Security (ScanSafe) integration
  • Threat and Botnet Detection
  • Dynamic Routing
  • Transparent Firewall and bridge groups
  • Basic and Advanced Clientless SSL VPN
  • Full tunnel SSL VPN using AnyConnect 3.x Secure Mobility Client
  • Remote Access IPsec IKEv2 using AnyConnect 3.x
  • Easy VPN remote for the SOHO using ASA 5505
  • External AAA authentication of VPN users
  • PKI and VPN integration
  • Host Scan and Dynamic Access Policies (DAP) for VPN
  • IPsec VPN Site-to-site between ASAs and with IOS router
  • ASA and ISE integration for TrustSec Firewall using Security Group Tags
  • Active/Standby Failover
  • ASA clustering including local and spanned EtherChannel

Prerequisites

Before attending this course, students should have the following knowledge or experience:

  • Knowledge of the Cisco ASA
  • IINS 2.0 - Implementing Cisco IOS Network Security

 


Course Outline

 

1. Cisco ASA v9.5 Essentials

 

  • Firewall Technologies
  • Cisco ASA Features, Hardware, and Licenses

 

2. Basic Connectivity and Device Management

 

  • Managing the Cisco ASA Boot Process
  • Configuring the Cisco ASA Using the CLI and ASDM
  • Managing the Cisco ASA Basic Upgrade
  • Managing Cisco ASA Security Levels and Interfaces
  • Cisco ASA as DHCP Client and DHCP Server

 

3. Network Integration

 

  • Configuring Object (Auto) NAT and Manual NAT
  • Connection Table and Local Host Table
  • Configuring and Verifying Interface and Global ACLs
  • Configuring and Verifying Object Groups and Public Servers
  • Static and Dynamic Routing
  • Multicast Support

 

4. Cisco ASA Policy Control

 

  • Cisco Modular Policy Framework (MPF) Overview
  • Configuring Layer 3 and Layer 4 Policies
  • Configuring Layer 5 to Layer 7 Policies including HTTP and FTP inspection

 

5. Cisco ASA VPN Common Components

 

  • VPN Types and Components
  • VPN Connection Profiles and Group Policies
  • AAA Including External Policy Storage
  • Dynamic Access Policy for SSL VPN
  • PKI for VPN Including Provisioning Server-Side Certificates
  • Client-Based Certificate Authentication Including SCEP proxy

 

6. Cisco Clientless VPN Solution

 

  • Cisco ASA v9.5 Essentials
  • Firewall Technologies
  • Cisco ASA Features, Hardware, and Licenses

 

7. Basic Connectivity and Device Management

 

  • Managing the Cisco ASA Boot Process
  • Configuring the Cisco ASA Using the CLI and ASDM
  • Managing the Cisco ASA Basic Upgrade
  • Managing Cisco ASA Security Levels and Interfaces
  • Cisco ASA as DHCP Client and DHCP Server

 

8. Network Integration

 

  • Configuring Object (Auto) NAT and Manual NAT
  • Connection Table and Local Host Table
  • Configuring and Verifying Interface and Global ACLs
  • Configuring and Verifying Object Groups and Public Servers
  • Static and Dynamic Routing
  • Multicast Support

 

9. Cisco ASA Policy Control

 

  • Cisco Modular Policy Framework (MPF) Overview
  • Configuring Layer 3 and Layer 4 Policies
  • Configuring Layer 5 to Layer 7 Policies including HTTP and FTP inspection

 

10. Cisco ASA VPN Common Components

 

  • VPN Types and Components
  • VPN Connection Profiles and Group Policies
  • AAA Including External Policy Storage
  • Dynamic Access Policy for SSL VPN
  • PKI for VPN Including Provisioning Server-Side Certificates
  • Client-Based Certificate Authentication Including SCEP proxy

 

11. Cisco Clientless VPN Solution

 

  • Cisco Clientless SSL VPN
  • Basic Cisco Clientless SSL VPN
  • Cisco Clientless SSL VPN Application Access with Application Plug-Ins and Smart Tunnels
  • Client-side Authentication and Authorization Using AAA Server
  • Double Client-side Authentication Using AAA Servers

 

12. Cisco AnyConnect Full Tunnel VPN Solution

 

  • Cisco AnyConnect SSL VPN
  • Split Tunneling
  • IP Address Pools and Identity NAT
  • DTLS and TLS Tunnels
  • Cisco AnyConnect Client Configuration Management
  • Trusted Network Detection and Start Before Logon options
  • Certificate-Based Server Authentication
  • Client Enrollment Methods and Certificate-Based Authentication
  • Two-Factor Authentication
  • Local Authorization and External Authorization
  • AnyConnect Support for IKEv2
  • Making IPsec the Primary Protocol for a Host Entry

 

13. Cisco ASA High Availability and Virtualization

 

  • EtherChannel and Redundant Interfaces
  • Multiple-Context Mode

 

14. Cisco Next Generation Firewall

 

  • Introducing the Cisco ASA 5500-X Series NGFW
  • Introducing the Cisco ASAv
  • Implementing ASA 9.3 and 9.4.1 New Features
  • Introducing the Cisco ASASM

 

15. Cisco ASA Identity Firewall

 

  • Describing the Cisco IDFW Solution
  • Setting Up Cisco CDA
  • Configuring Cisco CDA
  • Configuring Cisco ASA IDFW
  • Verifying and Troubleshooting Cisco ASA IDFW

 

16. Cisco ASA FirePOWER (SFR) Module

 

  • Installing Cisco ASA 5500-X Series FirePOWER (SFR) Module
  • Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center
  • Describing the Cisco ASA 5506-X, 5508-X, and 5516-X FirePOWER Services
  • Configuring ASA Firepower Services v6.0 New Features

 

17. Cisco ASA Cloud Web Security Integration

 

  • Introducing Cisco ASA with Cisco Cloud Web Security
  • Configuring Cisco ASA with Cisco Cloud Web Security
  • Verifying Cisco ASA with Cisco Cloud Web Security
  • Describing the Web Filtering Policy in Cisco ScanCenter
  • Cisco Cloud Web Security Advanced Malware Protection and Threat Analytics

 

18. Cisco ASA Cluster

 

  • Describing Cisco ASA Cluster Features
  • Describing Cisco ASA Cluster Terminology and Data Flows
  • Using the CLI to Configure a Cisco ASA Cluster
  • Using the ASDM to Configure a Cisco ASA Cluster
  • Verifying Cisco ASA Cluster Operations
  • Troubleshooting a Cisco ASA Cluster Operations
  • Describing Cisco ASA v9.1.4 and later Clustering Features

 

19. Cisco ASA Security Group Firewall and Change of Authorization

 

  • Cisco Security Group Tagging Overview
  • Configuring Cisco ASA Security Group Firewall
  • Describing the ASA 9.2.1 and Later Releases SGT Features
  • Describing the ASA 9.2.1 and Later Releases Change of Authorization Support

 



Sorry! It looks like we haven’t updated our dates for the class you selected yet. There’s a quick way to find out. Contact us at 502.265.3057 or email info@training4it.com


Request a Date