ASA in FirePower – Intensive BootCamp

ASA in FirePower – Intensive BootCamp

Course Information

Technology : Cisco Security

Duration : 4 Days Course

Price on Request

BOOK NOW

ASA in FirePower – Intensive BootCamp

Upcoming Dates

Course Details

Overview

Through our best in class subject matter experts, Prepforce have newly designed the ASA in FirePower training covering everything you need to know about ASA.

The special workshop has been divided into a detailed overview of each topic with hands-on lab and interactive session in the afternoon to go through discussing those topic. This course provides up-to-date training on the key features of the Cisco ASA 5500-X Series Next-Generation Firewall, including ASAv, ASA IDFW, ASA FirePOWER Service Module, ASA Cloud Web Security and ASA Clustering. Extensive hands on labs are provided to underline the concepts covered in the class.

Objectives

Prepforce Specials

This course workshop is part of our custom created special courses because of one or more following reasons.

  • Most of the time, the courses are requested by Cisco BU.
  • The courses designed are part of the Cisco derivative work approved contents.
  • The course was designed to follow an exam where Cisco approved contents are not available.
  • The course follows a specific project, which is been requested by a customer.

Outline

Module 1: Basic Connectivity and Device Management

Lesson 1: Preparing the Cisco ASA Adaptive Security Appliance for Network Integration

  • Managing the Cisco ASA Adaptive Security Appliance Boot Process
  • Managing the Cisco ASA Adaptive Security Appliance Using the CLI
  • Managing the Cisco ASA Adaptive Security Appliance Using Cisco ASDM
  • Navigating Basic Cisco ASDM Features
  • Managing the Cisco ASA Adaptive Security Appliance Basic Upgrade
  • Summary

Lesson 2: Managing Basic Cisco ASA Adaptive Security Appliance Network Settings

  • Managing Cisco ASA Adaptive Security Appliance Security Levels
  • Configuring and Verifying Basic Connectivity Parameters
  • Configuring and Verifying Interface VLANs
  • Configuring a Default Route
  • Configuring and Verifying the Cisco ASA Security Appliance DHCP Server
  • Troubleshooting Basic Connectivity
  • Summary

Module 2: Network Integration

Lesson 1: Configuring Cisco ASA Adaptive Security Appliance NAT Features

  • NAT on Cisco ASA Security Appliances
  • Configuring Object (Auto) NAT
  • Configuring Manual NAT
  • Tuning and Troubleshooting NAT on the Cisco ASA Adaptive Security Appliance
  • Summary

Lesson 2: Configuring Cisco ASA Adaptive Security Appliance Basic Access Control Features

  • Connection Table and Local Host Table
  • Configuring and Verifying Interface ACLs
  • Configuring and Verifying Global ACLs
  • Configuring and Verifying Object Groups
  • Configuring and Verifying Public Servers
  • Configuring and Verifying Other Basic Access Controls
  • Troubleshooting ACLs
  • Summary

Module 3: Cisco ASA Adaptive Security Appliance Policy Controls

Lesson 1: Defining the Cisco ASA Adaptive Security Appliance MPF

  • Cisco MPF Overview
  • Configuring and Verifying Layer 3 and Layer 4 Policies
  • Configuring and Verifying a Policy for Management Traffic
  • Summary

Lesson 2: Configuring Cisco ASA Adaptive Security Appliance Advanced Application Inspections

  • Layer 5 to Layer 7 Policy Control Overview
  • Configuring and Verifying HTTP Inspection
  • Configuring and Verifying FTP Inspection
  • Supporting Other Layer 5 to Layer 7 Applications
  • Troubleshooting Application Layer Inspection
  • Summary

Module 4: Cisco ASA Adaptive Security Appliance VPN Common Components

Lesson 1: VPN Overview

  • VPN Definition
  • Key Threats to WANs and Remote Access
  • VPN Types
  • VPN Components
  • Summary

Lesson 2: Implementing Profiles, Group Policies, and User Policies

  • Cisco ASA VPN Policy Configuration
  • Cisco ASA Adaptive Security Appliance Connection Profiles
  • Cisco ASA Adaptive Security Appliance Group Policies
  • Cisco ASA VPN AAA and External Policy Storage
  • Cisco ASA Adaptive Security Appliance User Attributes
  • Access Control Methods
  • VPN Accounting Using External Servers
  • DAP for SSL VPN
  • Summary

Module 5: Cisco AnyConnect Full Tunnel VPN Solutions

Lesson 1: Deploying Basic Cisco AnyConnect SSL VPN on Cisco ASA

  • Basic Cisco AnyConnect SSL VPN
  • SSL VPN Clients Authentication
  • SSL VPN Client IP Address Assignment
  • SSL VPN Split Tunneling
  • Configuration Scenario
  • Configuration Tasks
  • Enable Cisco AnyConnect SSL VPNs
  • Define IP Address Pool
  • Configure Identity NAT
  • Configure Group Policy
  • Configure Group Policy: Split Tunneling
  • Configure Connection Profile
  • Monitor Cisco AnyConnect VPN on Client Endpoint
  • Monitor Cisco AnyConnect VPN on Server
  • Summary

Lesson 2: Deploying Advanced Cisco AnyConnect SSL VPN on Cisco ASA

  • Cisco AnyConnect SSL VPN Solution Components
  • DTLS Overview
  • Parallel DTLS and TLS Tunnels
  • Configure DTLS
  • Verify DTLS
  • Cisco AnyConnect Client Configuration Management
  • Managing Cisco AnyConnect Software from Cisco ASA
  • Cisco AnyConnect Client Operating System Integration Options
  • Deploying Cisco AnyConnect Trusted Network Detection
  • Cisco AnyConnect Start Before Logon
  • Deploying Cisco AnyConnect Start Before Logon
  • Summary

Lesson 3: Deploying Cisco AnyConnect IPsec/IKEv2 VPNs

  • Cisco AnyConnect Support for IKEv2
  • Internet Key Exchange v1 and v2
  • Making IPsec the Primary Protocol for a Host Entry
  • IKEv2 Configuration Procedure
  • Configure a Cisco AnyConnect IPsec VPN on a Cisco ASA Appliance
  • Verify and Troubleshoot Cisco AnyConnect IPsec VPN on Cisco ASA Appliance
  • Summary

Module 6: Cisco ASA Adaptive Security Appliance High Availability and Virtualization

Lesson 1: Configuring Cisco ASA Adaptive Security Appliance Active/Standby High Availability

  • Failover Overview
  • Configuration Choices, Basic Procedures, and Required Input Parameters
  • Configuring and Verifying Active/Standby Failover
  • Tuning and Managing Active/Standby Failover
  • Remote Command Execution
  • Troubleshooting Active/Standby Failover
  • Summary

Lesson 2: Configuring Security Contexts on the Cisco ASA Adaptive Security Appliance

  • Multiple-Context Mode
  • Configuring Security Contexts
  • Verifying and Managing Security Contexts
  • Configuring and Verifying Resource Management
  • Troubleshooting Security Contexts
  • Summary

Module 7: Cisco ASA Product Family

Lesson 1: Implementing ASA 9.3 and 9.4.1 New Features

  • ASA REST API Basics
  • ASA ACL Forward Reference and ACL Manual Commit
  • ASA CLI Config Backup and Restore
  • ASA Policy-Based Routing
  • ASA Equal Cost Multiple Path Routing
  • ASA NSF Support
  • ASA 9.4.1+ VXLAN Support
  • Other New ASA 9.3+ Features

Module 8: Cisco ASA FirePOWER Services

Lesson 1: Installing Cisco ASA Firepower Services Module

  • Cisco ASA FirePOWER Services (SFR) Module Overview
  • Cisco FireSIGHT Management Center Overview
  • Cisco ASA FirePOWER Services Software Module Management Interface
  • Cisco ASA FirePOWER Services Module Package Installation
  • Cisco ASA FirePOWER Services Module Verification
  • Redirect Traffic to Cisco ASA FirePOWER Services Module
  • Summary

Lesson 2: Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center

  • Cisco FireSIGHT Management Center VM Installation and Setup
  • Cisco ASA FirePOWER Services Module and FireSIGHT License Requirements
  • Add Cisco ASA FirePOWER Services Module into FireSIGHT
  • FireSIGHT Policy Types Overview
  • Task Status Monitoring
  • System Policy Overview
  • Health Policy Overview
  • Objects Management Overview
  • Network Discovery Overview
  • Security Zones Overview
  • Active Directory Integration Overview
  • SourceFire User Agent Overview
  • Access Control Policy Overview
  • Intrusion Policy Overview
  • Cisco FireSIGHT Recommended Rules Overview
  • Intrusion Event Impact Levels Overview
  • File Policy Overview
  • Connection Events Monitoring
  • Events Display Time Range
  • Switch Workflow
  • IPS Events Monitoring
  • File Events Monitoring
  • Users Monitoring
  • Indication of Compromise Overview
  • Context Explorer
  • Dashboards
  • System Updates
  • Summary

Lesson 3: Describing the Cisco ASA 5506-X, 5508-X, and 5516-X FirePOWER Services

  • Cisco ASDM and FirePOWER On-Box FireSIGHT Manager
  • Cisco ASA FirePOWER Dashboard, Reporting, and Status
  • Cisco ASA FirePOWER Events Viewer
  • Gather Cisco ASA FirePOWER Troubleshooting Information for Cisco TAC
  • FirePOWER Licensing
  • Summary

Lesson 4: Configuring ASA Firepower Services v6.0 New Features

  • Firepower v6.0 Platforms
  • Deploy Dialog
  • Message Center
  • System Configurations and Devices Platform Settings
  • Network Analysis Policy
  • File Policy Enhancements
  • URL-Based Security Intelligence
  • DNS Policy
  • OpenAPPID
  • Intelligent Application Bypass
  • PKI, Cipher Suite Lists, and Distinguished Name Objects.
  • SSL Policy
  • Realm and Directory Server
  • Identity Policy
  • Capture Portal Active Authentication
  • ISE pxGrid Integration
  • ASDM On-Box Firepower Management
  • Firepower Multi-Domain Management
  • Summary

Pre-Requisites

The recommended knowledge and skills that a learner should have for the best learning outcome include:

  • Working knowledge of basic IP networking
  • Basic Cisco ASA Knowledge

Additional knowledge and skills that will help the learner benefit fully from the course are as follows:

  • Cisco ASA Firewall v2
  • Course Cisco ASA VPN v2 Course

Course Schedule

Date on Request
X

Contact Us

We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.

Subscribe

I'd like to receive emails with the latest updates and promotions from Insoft.

Data Protection & Privacy

I hereby allow Insoft Ltd. to contact me on this topic. Further, I authorise Insoft Ltd. processing, using collecting and storing my personal data for the purpose of these activities. All your data will be protected and secured as outlined in our privacy policy.