Implementing Advanced Cisco ASA Security v1.2 (SASAA)(1.2)

Overview

This is an instructor-led product training course targeted towards network security engineers who require in depth knowledge of the advanced features of Cisco ASA security products.

This course provides update training on the key features of the post-8.4.1 release of the Cisco ASA, including the 9.x features such as CX and Clustering.  The course includes detailed coverage of Cisco ASA 5500-X Series Next-Generation Firewalls, the Cisco Catalyst 6500 Series ASA Services Module (ASASM), and the ASA 1000v Cloud Firewall.  It also provides a hands-on experience with installing and setting up the Cisco IPS and Cisco ASA CX software modules, implementing Identity Firewall policies with Cisco CDA, implementing CX policies, and integrating Cisco Cloud Web Security.

Target Audience


This course is intended for network engineers supporting Cisco ASA 9.x implementations.

Prerequisites

It is recommended that prior to enrollment, students have successfully completed FIREWALL or have equivalent knowledge of the Cisco ASA.

Objectives

Upon successful completion of this course, students should be able to:
  • Explain the features of Cisco ASA 5500-X Series Next-Generation Firewalls, ASASM, ASA 1000V Cloud Firewall and Cisco ASAv
  • Install and set up the Cisco ASAv
  • Implement Cisco ASA Identity Firewall policies by using Cisco CDA and Cisco ASA
  • Install and set up the Cisco SFR (FirePOWER Services) Module
  • Implement Cisco ASA and Cisco Cloud Web Security integration
  • Implement a Cisco ASA cluster
  • Install and set up the Cisco CX (NGFW Services) Module (optional module)
  • Describe the IPv6 features in Cisco ASA Software Release 9.0 (optional module)
  • Describe the multicontext enhancements in Cisco ASA Software Release 9.0 (optional module)
  • Describe SGFW support in Cisco ASA Software Release 9.0 (optional module)
  • Describe CoA support (new in v1.1 of the course, a new lesson in the SGFW (optional module)
Mostra dettagli
Course Outline

Module 1: Cisco ASA Product Family
Module 2: Cisco ASA Identity Firewall
Module 3: Cisco ASA FirePOWER (SFR)
Module 4: Cisco ASA Cloud Web Security Integration
Module 5: Cisco ASA Cluster
Module 6: Cisco ASA CX (Next-Generation Firewall Services) (Optional/Self-Study)
Module 7: Cisco ASA Multicontext Enhancements (Optional/Self-Study)
Module 8: Cisco ASA Security Group Firewall (Optional/Self-Study)
Module 9: Cisco ASA IPv6 Enhancements (Optional/Self-Study)

Lab Outline: 
  • Lab 1-1: Remote Lab Environment Access
  • Lab 1-2: Cisco ASAv Basic Setup
  • Lab 2-1: CDA Configuration
  • Lab 2-2: ASA IDFW Configuration
  • Lab 3-1: Cisco ASA 5500-X Series FirePOWER Module Installation and Setup
  • Lab 4-1: Cisco ASA and Cloud Web Security Integration
  • Lab 5-1: ASA Cluster Configuration
  • Lab 6-1: ASA CX and PRSM (v9.1.2) Exploration (Optional)
  • Lab 6-2: ASA CX Access Policy Configuration (Optional)
  • Lab 6-3: ASA CX Identity Policy Configuration (Optional)
  • Lab 6-4: ASA CX Decryption Policy Configuration (Optional)
  • Lab 6-5: PRSM Administration (Optional)
  • Lab 6-6: ASA NGFW Services Version 9.2.1 New Features (Optional)