Course Details
Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
- Present an overview of the Cisco Security Manager product, describe the main product features, and introduce the basic deployment tasks
- Manage configuration of Cisco ASA adaptive security appliances and Cisco FWSM firewall devices, and explain firewall event management and device configuration correlation
- Describe the most commonly used VPN topologies and their deployment
- Examine the configuration of intrusion prevention mechanisms on the Cisco IOS platform, modules, and standalone appliances, as well as explain the Cisco IPS event and configuration correlation
- Explain how Cisco Security Manager works with Cisco IOS devices, including the new Cisco ISR G2 routers
- Describe the FlexConfig functionality of Cisco Security Manager, the workflow mode of operation, and administrative tasks and integration with Cisco Secure ACS
Outline
CSM Overview
- Using CSM
- Installation Procedure
- Working with the User Interface
- New Features of 4.0
- Managing Devices
- Preparing the Devices for CSM
- Device View
- Adding Devices to CSM Inventory
- Working with Devices with Dynamically Assigned IP Addresses
- Device Properties, Credentials, and Grouping
- On-Demand, Out-of-Band Change Detection
- Managing Policies
- Policies Overview
- Managing Policies in Device View
- Managing Shared Policies in Policy View
- Interface Roles
- Advanced Policy Features
- Policy Locking
- Discovering Policies
- Managing Objects
- Objects Overview
- Policy Object Manager Window
- Overriding Global Objects for Individual Devices
- Selecting Objects for Policies
- Using Map View
- Maps Overview
- Displaying Your Network on the Map
- Managing Firewall Services
- Managing VPNs
- Managing Device Policies
Firewall Policy Management
- Managing Firewall Services
- Managing Rules Tables
- Access Rules and Their Functions
- Access Control Settings
- Inspection Rules
- AAA Rules
- Web Filter Rules
- Transparent and Zone-Based Firewall Rules
- Interface and Global Rules
- Botnet Traffic Filtering
- Managing Firewall Devices
- Platform Policies
- NAT Policies
- Bridging Policies
- Device Administration Policies
- Logging Policies
- Multicast Policies
- Routing Policies
- Security Policies
- Service Policy Rules
- Security Contexts
- Event Monitoring and Rule Correlation for Firewalls
- Supported Devices and Events in Event Viewer
- EventServer Overview
- Cisco ASA Device Bootstrapping
- Event-to-Policy Correlation
- Event Collection and Event Viewer Settings
VPN Policy Configuration
- Managing VPNs
- Overview of Site-to-Site VPNs
- Working with VPN Topologies
- Working with Site-to-Site VPN Policies
- Configuring Advanced VPN Platforms
- Managing Remote Access IPsec VPNs
- Overview of Remote-Access VPNs
- Working with Policies in Remote-Access VPNs
- Configuring VPN Options
- Configuring Client-Based SSL VPNs
- SSL VPN Management Features and Platform Support
- Overview of Remote-Access SSL VPNs
- Bootstrapping Cisco ASA for Full Tunnel SSL VPN
- Configuring Full Tunnel SSL VPN
- Configuring Clientless SSL VPNs
- Clientless SSL VPN Overview
- Clientless SSL VPN Configuration
- Working with Application Plug-Ins
- SSL VPN Portal Customization
- Configuring Advanced VPN Configurations
- Managing Cisco Security Desktop Policy
- Configuring Dynamic Access Policies (DAP)
- Creating Group Policies
- Creating Remote Connection Profiles
- Working with VPN AAA
- Deploying Advanced VPN Technologies
- Hub-and-Spoke Prerequisites
- DMVPN Overview
- GET VPN Overview
- GRE over IPsec
- VPN Dial Backup
- VRF-Aware IPsec
- VPN High Availability
Cisco IPS Solutions Management
- Managing Cisco IPS Services
- Overview of Network Sensing
- Configuring Interfaces
- Configuring and Working with IPS Signatures
- Configuring Anomaly Detection
- Configuring Event Actions
- Configuring Global Correlation
- Managing Cisco IPS Devices
- Managing Modules and Appliances
- Configuring Policies
- Managing Updates
- Managing Cisco IPS Events
- CSM IPS Event Management
- Mapping IPS Events to Policies
Cisco IOS Device Provisioning
- Managing Routers
- Overview of Policy Management
- Working with Platform Policies
- NAT Policies
- Interface Policies
- Configuring Device Administration Policies
- Identity Policies
- Logging and QoS Policies
- Routing Policies
- Advanced Routing Configuration Options
- Zone-Based Firewall
- Using the Cisco Catalyst 6500 Series Switch and Cisco 7600 Series Router Device Manager
- Managing Policies
Management, Deployment, and Administration of FlexConfigs in CSM
- Managing FlexConfigs
- FlexConfig Overview
- Creating FlexConfig Policy Objects
- Working with FlexConfig
- Managing Activities and Workflow Deployments
- Working with Activities
- Managing Deployment
- Implementing Integration Between CSM and Cisco Secure ACS
- Roles in CSM
- RBAC with Cisco Secure ACS
- Configuring Cisco Secure ACS and CSM for RBAC Integration
- Backing Up and Restoring CSM Databases
- Using Monitoring, Troubleshooting, and Diagnostic Tools
- Using the Tools Menu
- Understanding CiscoWorks MCP
- Understanding Cisco Packet Tracer
- Cisco Security MARS Integration
Pre-Requisites
Cisco CCNP Security certification:
- Securing Networks with Cisco Routers and Switches (SECURE)
- Deploying Cisco ASA Firewall Features (FIREWALL)
- Deploying Cisco ASA VPN Solutions (VPN)
- Implementing Cisco Intrusion Prevention System (IPS7)
- Understanding of networking and routing (on the CCNP level, but no certification is required).
- Understanding of different VPN technologies (such as DMVPN, GET VPN, and SSL VPN).
- Working knowledge of the Microsoft Windows operating system.