SASAC - Implementing Core Cisco ASA Security (SASAC)(V1.0)

This five-day course aims to provide network security engineers with the knowledge and skills needed to implement and maintain Cisco ASA adaptive security appliance-based perimeter solutions. Delegates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA adaptive security appliance features, and provide detailed operations support for the Cisco ASA adaptive security appliance. This course is focused on the features of 9.x


Target Audience

Network engineers supporting Cisco ASA 9.x implementations


Course Prerequisites

Hold a CCNA in Security ICND1 + IINS


Course Objectives

After completing this course you should be able to:

  • Explain the core essential features of Cisco ASA 5500-X Series Next-Generation Firewalls
  • Describe how to implement Cisco ASA basic connectivity and device management
  • Implement basic Cisco ASA network integration
  • Describe and implement basic Cisco ASA policy controls
  • Describe Cisco ASA common VPN components
  • Describe and implement Cisco ASA clientless VPN solutions
  • Describe and implement Cisco ASA and Cisco AnyConnect full tunnel VPN solutions
Mostra dettagli


Course Modules

Cisco ASA Adaptive Security Appliance Essentials

  • Evaluating Cisco ASA Adaptive Security Appliance Technologies
  • Identifying Cisco ASA Adaptive Security Appliance Models
  • Identifying Cisco ASA Adaptive Security Appliance Licensing Options


Basic Connectivity and Device Management

  • Preparing the Cisco ASA Adaptive Security Appliance for Network Integration
  • Managing Basic Cisco ASA Adaptive Security Appliance Network Settings


Network Integration

  • Configuring Cisco ASA Adaptive Security Appliance NAT Features
  • Configuring Cisco ASA Adaptive Security Appliance Basic Access Control Features
  • Configuring Cisco ASA Adaptive Security Appliance Routing Features


Cisco ASA Adaptive Security Appliance Policy Controls

  • Defining the Cisco ASA Adaptive Security Appliance MPF
  • Configuring Cisco ASA Adaptive Security Appliance Advanced Application Inspections


Cisco ASA Adaptive Security Appliance VPN Common Components

  • VPN Overview
  • Implementing Profiles, Group Policies, and User Policies
  • Implementing PKI Services


Cisco Clientless VPN Solution

  • Introducing Clientless SSL VPN
  • Deploying Basic Cisco Clientless SSL VPN on the Cisco ASA Adaptive Security Appliance
  • Deploying Application Access in Cisco Clientless SSL VPN
  • Deploying Client-Side Authentication and Authorization in Clientless SSL VPN


Cisco AnyConnect Full Tunnel VPN Solutions

  • Deploying Basic Cisco AnyConnect SSL VPN on Cisco ASA
  • Deploying Advanced Cisco AnyConnect SSL VPN on Cisco ASA
  • Deploying Advanced Authentication and Authorization in Cisco AnyConnect VPNs
  • Deploying Cisco AnyConnect IPsec/IKEv2 VPNs


Cisco ASA Adaptive Security Appliance High Availability and Virtualization

  • Configuring Cisco ASA Adaptive Security Appliance Interface Redundancy Features
  • Configuring Cisco ASA Adaptive Security Appliance Active/Standby High Availability
  • Configuring Security Contexts on the Cisco ASA Adaptive Security Appliance
  • Lesson 5: (OPTIONAL) Configuring Cisco ASA Adaptive Security Appliance Active/Active High Availability (Optional/Self-study)


Labs

Lab 1-1: Accessing the Remote Lab Environment

Lab 2-1: Configuring the Cisco ASA Adaptive Security Appliance

Lab 3-1: Configuring NAT

Lab 3-2: Configuring Basic Cisco Access Control Features

Lab 4-1: Configuring MPF, Basic Stateful Inspections, and QoS

Lab 4-2: Configuring MPF Advanced Application Inspections

Lab 6-1: Implementing Basic Clientless SSL VPN on the Cisco ASA

Lab 6-2: Configuring Application Access for Clientless SSL VPN on the Cisco ASA

Lab 6-3: Implementing External Authentication and Authorization for Clientless SSL VPNs

Lab 7-1: Implementing Basic Cisco AnyConnect SSL VPN on the Cisco ASA

Lab 7-2: Configuring Advanced Authentication for Cisco AnyConnect SSL VPNs

Lab 7-3: Implementing Cisco AnyConnect IPsec/IKEv2 VPNs

Lab 8-1: Configuring Active/Standby High Availability