Introduction to Cisco Secure Firewall (ICSFW)
At Course Completion
Describe the operating principles of a Next-Generation Firewall
Configure any Cisco Secure Firewall using the GUI
Ensure that proper perimeter security is enabled using Cisco Secure Firewall
Describe the different common use cases of Cisco Secure Firewall
Audience Profile
Network Security Administrators
Network Security Engineers
Network Security Managers
Security Sales Engineers
Security System Engineers
Anyone else who wants to learn about Cisco Secure Firewall
Prerequisites
Before taking this course, it would be good to have some understanding of Network Security fundamentals.
Exposure to working with any Network firewall will be an advantage.
Outline
Overview of Cisco Secure Firewall (CSF)
Basic firewall and IPS terminologies
Understand CSF features
Examine different platforms
Examine licensing
General implementation use cases
Device Configuration
Device Registration
Differentiate between FXOS and FTD image
Differentiate between management options FDM and FMC
Initial device activation and configuration
Examining different policies
Define objects
Explore system configuration
Configure Health Monitoring
Discuss device/ platform management options
Overview of High Availability
Cisco Secure Firewall Traffic Control
Describe packet processing
Explain traffic bypassing
Discuss pre-filter policy
Network Address Translation (NAT) Configurations
Overview of NAT
Different NAT rule types
Implementing and configuring NAT
Network Discovery
Explain Network Discovery
Configure Network Discovery
Access Control Policies
Overview of Access Control Policies (ACP)
Describe Access Control Policy rules and default action
Define further inspection feature in a rule
Overview of logging options for a rule
Advanced Settings in an ACP
Deploying the change in an ACP
Security Intelligence
Overview of Security Intelligence (SI)
Configure Security Intelligence objects
Deploy SI
File Control and Advanced Malware Protection
Overview of malware and file policy
Discuss Advanced Malware Protection
Next-Generation Intrusion Prevention Systems
Overview of Intrusion Prevention and Snort rules
Explain variables and variable sets
Configure intrusion policies
Describe firepower recommendations
Analyzing different Events
Discuss different types of events
Explore analysis tools
Analyze threats
General System Administration
Manage device updates
Explore user account management features
Configuring different user accounts
Basic Troubleshooting
Identify common misconfigurations
Basic troubleshooting commands
Using packet trace
Lab Exercises
Initial Device Setup
FTD initial boot up and n/w configuration (walkthrough/ no hands-on)
FMC initial boot up and n/w configuration (walkthrough/ no hands-on)
FTD onboarding to FMC
Basic Configuration and Verification
Verify/ create different objects
Verify/ create interface and routing configuration
Configure Security Intelligence
Configure Security Intelligence objects
Modify/ customize Security Intelligence
Configure Intrusion Policy
Reuse base IPS policy (SNORT2/ SNORT3)
Create a new IPS policy (SNORT2/ SNORT3)
Configure/ Modify the Access Control Policy
Allow internal/ DMZ access (inbound)
Allow Internet access (outbound)
[Use a SNORT2/ SNORT3 Intrusion Policy configured in exercise 4]
Configure NAT Policies
Dynamic NAT
Static NAT
Configure/ Modify Network Discovery Policy
Understand/ differentiate hosts, users, and applications
Configure/ tune the network discovery policy based on your environment
Deploy Changes
Review the changes that will apply to the NGFW
Deploy all the configuration changes to the NGFW
Test/ Analyze the NGFW Traffic
Connectivity
IPS functionality
Malware blocking capabilities
System Administration Overview
Health Monitoring
Device Backup and Restore
Reporting Overview
Scheduling Tasks
Change Reconciliation
Sorry! It looks like we haven’t updated our dates for the class you selected yet. There’s a quick way to find out. Contact us at 502.265.3057 or email info@training4it.com
Request a Date