• 100 Queen St W, Brampton, ON L6X 1A4, Canada
  • +1-800-961-0337
START DATE END DATE CLASS TIMINGS MODE LOCATION ACTION
11/05/2018 11/09/2018
  • VLT
Live Online
11/26/2018 11/30/2018
  • VLT
Live Online
12/10/2018 12/14/2018
  • VLT
Live Online
01/28/2019 02/01/2019
  • VLT
Live Online
04/08/2019 04/12/2019
  • VLT
Live Online
06/03/2019 06/07/2019
  • VLT
Live Online
07/22/2019 07/26/2019
  • VLT
Live Online
10/21/2019 10/25/2019
  • VLT
Live Online
12/09/2019 12/13/2019
  • VLT
Live Online

SASAC - Implementing Core Cisco ASA Security v1.0

Course Overview

This upgraded course contains added profundity to the standard labs, utilizing a topology that mimics an ordinary generation arrange. You'll utilize ASA 5515 machines to work through arranging access control to and from your system. 

Furthermore, the PC frameworks and server frameworks are an essential piece of the lab condition. Here you will utilize Windows 8, Windows Server 2012, and Kali Linux to oversee, test, and even assault your lab arrange utilizing certifiable working frameworks and applications. 

WHAT YOU'LL LEARN 

  • Fundamentals of Cisco ASA 
  • Essential network and gadget administration 
  • System mix 
  • Design regular highlights of the Cisco ASA OS 
  • Cisco ASA strategy control 
  • Center Cisco ASA VPN basic segments 
  • Fundamental VPN segments 
  • Cisco clientless VPN arrangements 
  • Cisco AnyConnect full passage VPN arrangement 
  • Cisco ASA high accessibility and virtualization choices 
  • Highlights of Cisco ASA 5500-X Series Next-Generation Firewalls

SASAC - Implementing Core Cisco ASA Security v1.0

Course Outline

1. Cisco ASA Essentials 

  • Firewall Technologies 
  • Cisco ASA Features 
  • Cisco ASA Hardware 
  • Cisco ASA Licensing Options 
  • Cisco ASA Licensing Requirements 

2. Fundamental Connectivity and Device Management 

  • Dealing with the Cisco ASA Boot Process 
  • Dealing with the Cisco ASA Using the CLI 
  • Dealing with the Cisco ASA Using Cisco ASDM 
  • Exploring Basic Cisco ASDM Features 
  • Dealing with the Cisco ASA Basic Upgrade 
  • Overseeing Cisco ASA Security Levels 
  • Designing and Verifying Basic Connectivity Parameters 
  • Designing and Verifying Interface VLANs 
  • Designing a Default Route 
  • Designing and Verifying the Cisco ASA Security Appliance DHCP Server 
  • Investigating Basic Connectivity 

3. System Integration 

  • NAT on Cisco ASA Security Appliances 
  • Designing Object (Auto) NAT 
  • Designing Manual NAT 
  • Tuning and Troubleshooting NAT on the Cisco ASA 
  • Association Table and Local Host Table 
  • Designing and Verifying Interface ACLs 
  • Designing and Verifying Global ACLs 
  • Designing and Verifying Object Groups 
  • Designing and Verifying Public Servers 
  • Designing and Verifying Other Basic Access Controls 
  • Investigating ACLs 
  • Static Routing 
  • Dynamic Routing 
  • EIGRP Configuration and Verification 
  • Multicast Support 

4. Cisco ASA Policy Control 

  • Cisco MPF Overview 
  • Designing and Verifying Layer 3 and Layer 4 Policies 
  • Designing and Verifying a Policy for Management Traffic 
  • Layer 5 to Layer 7 Policy Control Overview 
  • Designing and Verifying HTTP Inspection 
  • Designing and Verifying FTP Inspection 
  • Supporting Other Layer 5 to Layer 7 Applications 
  • Investigating Application Layer Inspection 

5. Cisco ASA VPN Common Components 

  • VPN Definition 
  • Key Threats to WANs and Remote Access 
  • VPN Types 
  • VPN Components 
  • Cisco ASA VPN Policy Configuration 
  • Cisco ASA Connection Profiles 
  • Cisco ASA Group Policies 
  • Cisco ASA VPN AAA and External Policy Storage 
  • Cisco ASA User Attributes 
  • Access Control Methods 
  • VPN Accounting Using External Servers 
  • Dynamic Access Policy for SSL VPN 
  • Utilizing PKI 
  • Provisioning Server-Side Certificates on the Cisco ASA Adaptive Security Appliance 
  • CA Servers 
  • Conveying Client-Based Certificate Authentication 
  • SCEP Proxy Operations 
  • Empower Certificate Authentication in Connection Profile 
  • Designing Certificate-to-Connection Profile Mappings 

6. Cisco Clientless VPN Solution 

  • Cisco Clientless SSL VPN 
  • Cisco Clientless SSL VPN Use Cases 
  • Cisco Clientless SSL VPN Resource Access Methods 
  • Secure Sockets Layer and Transport Layer Security 
  • SSL Session Setup and Key Management 
  • SSL Server Authentication 
  • SSL Client Authentication 
  • SSL Transmission Protection 
  • Essential Cisco Clientless SSL VPN 
  • Server Authentication in Basic Clientless SSL VPN 
  • Customer side Authentication in Basic Clientless SSL VPN 
  • Clientless SSL VPN URL Entry and Bookmarks 
  • Essential Access Control for Clientless SSL VPN 
  • Handicapping Content Rewriting 
  • Essential Clientless SSL VPN Configuration Tasks 
  • Essential Clientless SSL VPN Configuration Scenario 
  • Arranging Basic Cisco Clientless SSL VPN 
  • Confirm Basic Cisco Clientless SSL VPN 
  • Investigating Basic Clientless SSL VPN Operations 
  • Cisco Clientless SSL VPN Application Access Overview 
  • Application Plug-Ins 
  • Arranging Application Plug-ins 
  • Confirm Clientless SSL VPN Application Plug-Ins 
  • Investigating Clientless SSL VPN Application Plug-Ins 
  • Shrewd Tunnels 
  • Arranging Smart Tunnels 
  • Confirming Smart Tunnels 
  • Investigate Smart Tunnels 
  • Customer side Authentication Options 
  • Customer side Authentication and Authorization Using AAA Server 
  • Twofold Client-side Authentication Using AAA Servers 
  • Investigating Client-side AAA Authentication 

7. Cisco AnyConnect Full Tunnel VPN Solution 

  • Essential Cisco AnyConnect SSL VPN 
  • SSL VPN Clients Authentication 
  • SSL VPN Clients IP Address Assignment 
  • SSL VPN Split Tunneling 
  • Design Scenario 
  • Design Tasks 
  • Empower AnyConnect SSL VPN 
  • Characterize IP Address Pool 
  • Arrange Identity NAT 
  • Arrange Group Policy 
  • Arrange Group Policy: Split Tunneling 
  • Arrange Connection Profile 
  • Screen AnyConnect VPN on Client 
  • Screen AnyConnect VPN on Server 
  • Cisco AnyConnect SSL VPN Solution Components 
  • DTLS Overview 
  • Parallel DTLS and TLS Tunnels 
  • Arrange DTLS 
  • Confirm DTLS 
  • Cisco AnyConnect Client Configuration Management 
  • Overseeing Cisco AnyConnect Software from Cisco ASA 
  • Cisco AnyConnect Client Operating System Integration Options 
  • Sending Cisco AnyConnect Trusted Network Detection 
  • Cisco AnyConnect Start Before Logon 
  • Sending Cisco AnyConnect Start Before Logon 
  • Cisco AnyConnect Advanced Authentication Scenarios 
  • Testament Based Server Authentication 
  • Customer Enrollment Methods 
  • Strategies for Revoking Credentials 
  • Empower Certificate-Based Authentication 
  • Empower Two-Factor Authentication 
  • Two-Factor Authentication with Name Pre-Fill 
  • Nearby Authorization Overview 
  • Nearby Authorization Configuration Procedure 
  • Design Local Authorization 
  • Check Local Authorization 
  • Outer Authorization Scenario 
  • Design Authorization Using LDAP/AD 
  • Check External Authorization 
  • Investigating Cisco AnyConnect VPN 
  • AnyConnect Support for IKEv2 
  • Web Key Exchange v1 and v2 
  • Making IPsec the Primary Protocol for a Host Entry 
  • IKEv2 Configuration Procedure 
  • Design a Cisco AnyConnect IPsec VPN on a Cisco ASA 
  • Check and Troubleshoot Cisco AnyConnect IPsec VPN on Cisco ASA 

8. Cisco ASA High Availability and Virtualization 

  • Designing and Verifying EtherChannel 
  • Designing and Verifying Redundant Interfaces 
  • Investigating EtherChannel and Redundant Interfaces 
  • Designing and Verifying Redundant Interfaces 
  • Investigating EtherChannel and Redundant Interfaces 
  • Designing Cisco ASA Active/Standby Failover High Availability 
  • Designing and Verifying Active/Standby Failover 
  • Tuning and Managing Active/Standby Failover 
  • Remote Command Execution 
  • Investigating Active/Standby Failover 
  • Different Context Mode 
  • Designing Security Contexts 
  • Checking and Managing Security Contexts 
  • Designing and Verifying Resource Management 
  • Investigating Security Contexts 
  • Self Study (discretionary) 
  • Dynamic/Active Failover 
  • Designing and Verifying Active/Active Failover 
  • Tuning and Managing Active/Active Failover 
  • Investigating Active/Active Failover 

LABS 

Review labs for: Classroom Live 

Classroom Live Labs 

  • Lab 1: Remote Lab Environment 
  • Lab 2: ASA Administration and Network Integration 
  • Lab 3: Network Address Translation 
  • Lab 4: Access Control and Troubleshooting 
  • Lab 5: MPF Basic Application Inspections 
  • Lab 6: MPF Advanced Application Inspections 
  • Lab 7: Basic Clientless SSL VPN 
  • Lab 8: Clientless SSL VPN Applications 
  • Lab 9: External AAA for Clientless SSL VPN 
  • Lab 10: Lab: Basic AnyConnect SSL VPN 
  • Lab 11: Advanced AnyConnect SSL VPN 
  • Lab 12: IPSec Remote Access VPN 
  • Lab 13: Active-Standby High Availability 

Awards