The Training Consortium

Cisco® Course Listings

Routing and Switching

IP Communications

Security

Wireless/Mobility

Additional Courses

Securing Networks with ASA Fundamentals (SNAF) 1.0

Overview
Skills Taught Audience		Prerequisites Outline

	Duration:	6 classes
	Skill Level:	Intermediate
	Certifications:	CCSP
	Delivery Type:	Expert Live; Expert Encore

Description
This critical Cisco security course focuses on securing networks with Cisco security appliances and is a core element in the Cisco Certified Security Professional track. At the completion of this course students will be able to perform basic tasks with the Cisco ASA such as configuring the security appliance, using ACLs and content filtering, and configuring threat detection. Students will learn to enable such features as advanced protocol handling, AAA for cut-through proxy and transparent firewall mode.

Skills Taught
Upon completion of the Securing Networks with ASA Fundamentals (SNAF) 1.0 course, the student will be able to: Discuss the technology and features of Cisco security appliances Identify the Cisco ASA and PIX security appliance models Describe the security appliance file management system Describe security appliance security levels Describe Cisco ASDM requirements and capabilities Configure a security appliance for basic network connectivity Configure and explain the functions of ACLs Configure object groups and use them in ACLs Configure logical interfaces and VLANs Install and configure Cisco Secure ACS Explain the Cisco Modular Policy Framework feature for security appliances Describe how the security appliance implements inspection of common network applications Describe threat detection and threat statistics Explain how IPsec works Configure an IPsec Remote-Access VPN Use the SSL VPN Wizard to configure a basic Clientless SSL VPN connection Explain how data traverses a security appliance in transparent mode Configure a security context and allocate resources to a security context Enable the stateful failover option for maximum availability Recover security appliance passwords using general password recovery procedures

Audience
This course is a necessity for any student that desires to learn more about securing networks using the latest in Cisco technologies. This course is also recommended for any student interested in professional level Cisco certifications or beyond.

Prerequisites
The SNAF course focuses on the technology required for securing complex networks. To fully benefit from this course, the student must be familiar with general networking concepts and have Cisco router operation and configuration experience. The student should also be familiar with the Windows Operating System. Successful completion of Interconnecting Cisco Networking Devices Part 1 is strongly recommended.

Outline

Lesson 1: Introducing Cisco Security Appliance Technology and Features

Firewalls
Security Appliance Essentials

Lesson 2: Introducing the Cisco ASA and PIX Security Appliance Families

Models and Features of Cisco Security Appliances
Cisco ASA Security Appliance Licensing

Lesson 3: Getting Started with Cisco Security Appliances

User Interface
File Management
Security Appliance Security Levels
Cisco ASDM Essentials and Operating Requirements
Preparing to Use Cisco ASDM
Navigating Cisco ASDM Windows

Lesson 4: Configuring a Security Appliance

Basic Security Appliance Configuration
Examining Security Appliance Status
Time Setting and NTP Support
Syslog Configuration

Lesson 5: Configuring Translations and Connection Limits

Transport Protocols
Understanding NAT
Understanding PAT
Static Translations
Connections and Translations

Lesson 6: Using ACLs and Content Filtering

ACL Configuration
Malicious Active Code Filtering
URL Filtering
Packet Tracer

Lesson 7: Configuring Object Grouping

Essentials of Object Grouping
Configuring and Using Object Groups

Lesson 8: Switching and Routing on Cisco Security Appliances

VLAN Capabilities
Static Routing
Dynamic Routing

Lesson 9: Configuring AAA for Cut-Through Proxy

Introduction to AAA
Authentication
Authorization
Accounting
Configuring the Local User Database
Installation of Cisco Secure ACS for Windows 2000
Cut-Through Proxy Authentication Configuration
Authentication for Access to Resources Example
Authentication Prompts and Timeouts
Authorization Configuration
Accounting Configuration

Lesson 10: Configuring the Cisco Modular Policy Framework

Modular Policy Framework Overview
Class Map Overview
Policy Map Overview
Configuring Modular Policies with Cisco ASDM
Configuring a Policy for Management Traffic
Displaying Modular Policy Framework Components

Lesson 11: Configuring Advanced Protocol Handling

Advanced Protocol Handling
Protocol Application Inspection
Multimedia Support

Lesson 12: Configuring Threat Detection

Threat Detection Overview
Basic Threat Detection
Scanning Threat Detection
Configuring and Viewing Threat Detection Statistics

Lesson 13: Configuring Site-to-Site VPNs Using Pre-Shared Keys

Secure VPNs
How IPSec Works
Preparing to Configure an IPSec VPN
Create IKE Policies for a Purpose
Define IKE Policy Parameters
Configure a Site-to-Site VPN Using Pre-Shared Keys
Modify the Site-to-Site VPN configuration
Test and Verify VPN Configuration

Lesson 14: Configuring Security Appliance Remote-Access VPNs

Introduction to Cisco Easy VPN
Overview of Cisco VPN Client
Transparent Tunneling
Allowing Local LAN Access
Adjusting the Peer Response Timeout Value
Configuring Remote-Access VPNs
Configuring Users and Groups

Lesson 15: Configuring the Cisco ASA for SSL VPN

SSL VPN Overview
Using the SSL VPN Wizard to Configure Clientless SSL VPN
Verifying Clientless SSL VPN Operations

Lesson 16: Configuring Transparent Firewall Mode

Transparent Firewall Mode Overview
How Data Traverses a Security Appliance in Transparent Mode
Configuring Transparent Firewall Mode
Monitoring and Maintaining Transparent Firewall Mode

Lesson 17: Configuring Security Contexts

Security Context Overview
Enabling Multiple Context Mode
Configuring Security Contexts
Managing Security Contexts

Lesson 18: Configuring Failover

Understanding Failover
Configuring Redundant Interfaces
Active/Standby LAN-Based Failover Configuration
Active/Active Failover Configuration
Remote Command Execution

Lesson 19: Managing the Security Appliance

Managing System Access
Configuring Command Authorization
Managing Configurations
Managing Images and Activation Keys

Included Labs

Initializing the Security Appliance
Configuring ACLs using ASDM
Preparing for AAA Services
Configuring a Site-to-Site VPN
Configuring a Secure SSL VPN
Command Authorization with Privileged Mode Passwords


	Login to Course Campus \| Call Us: 1-877-797-2799	Search for:
	Courses Cisco Microsoft Everything IT End User Business Skills SMB Select Project Management Solutions Individual Classes Packages Modalities Expert Live Expert Encore Learn Now Student Support Request a Demo