Request Information
Course Details
Securing Networks with ASA Foundation
Audience
- Cisco customers who implement and maintain Cisco ASA security appliances
- Cisco channel partners who sell, implement, and maintain ASA security appliances
- Cisco engineers who support the sale of ASA security appliances
Securing Networks with ASA Fundamentals (SNAF) v1.0 is a five-day, instructor-led, lab-intensive course, which will be delivered by Cisco Learning Partners. This task-oriented course teaches the knowledge and skills needed to configure, maintain, and operate Cisco ASA 5500 Series Adaptive Security Appliances. This course updates Securing Networks with PIX and ASA (SNPA) v5.0. In SNAF 1.0, the ASDM 6.0 graphical user interface (GUI) is used for configuration and monitoring. Although all lessons and labs are now GUI-based, the commands for each configuration task are also presented in the lessons for those who prefer to configure the security appliance via the command line
interface (CLI). In SNAF 1.0, lessons have been updated to cover new features in Cisco ASA and PIX Security Appliance Software Version
8.0(2), including the following:
- Threat detection
- Secure logging
- Remote command execution in failover pairs
- Redundant interfaces
- Modular policy framework enhancements
- Access control list renaming capability
- FTP support for SSL VPN
- Onscreen keyboard for the SSL VPN
- Administrator-defined customization of all SSL VPN user-visible content
- Personal bookmarks for SSL VPN users
- Introducing Cisco Security Appliance Technology and Features
- Firewalls
- Security Appliance Overview
- Introducing the Cisco ASA and PIX Security Appliance Families
- Models and Features of Cisco Security Appliances
- ASA Licensing Getting Started with Cisco Security Appliances
- User Interface
- File Management
- Security Appliance Security Levels
- ASDM Overview and Operating Requirements
- Preparing to Use ASDM
- Navigating ASDM Windows
- Configuring a Security Appliance
- Basic Security Appliance Configuration
- Examining Security Appliance Status
- Time Setting and NTP Support
- Syslog Configuration
- Configuring Translations and Connection Limits
- Transport Protocols
- Network Address Translation
- Port Address Translation
- Static Translations
- SYN Cookies and Connection Limits
- Connections and Translations
- Using ACLs and Content Filtering
- ACLs
- Malicious Active Code Filtering
- URL Filtering
- Packet Tracer
Configuring
- Object Grouping
- Overview of Object Grouping
- Configuring Object Groups and Using Them in ACLs
- Switching and Routing on Cisco Security Appliances
- VLAN Capabilities
- Static Routing
- Dynamic Routing
- Configuring AAA for Cut-Through Proxy
- Introduction to AAA
- Configuring the Local User Database
- Installing Cisco Secure ACS for Windows
- Cut-Through Proxy Authentication Configuration
- Authentication Prompts and Timeouts
- Authorization Configuration
- Accounting Configuration
- Configuring the Cisco Modular Policy Framework
- Modular Policy Framework Overview
- Class Map Overview
- Policy Map Overview
- Using ASDM to Configure a Modular Policy
- Configuring a Management Policy
- Displaying Modular Policy Framework Commands
- Configuring Advanced Protocol Handling
- Advanced Protocol Handling
- Protocol Application Inspection
- Multimedia Support
- Configuring Threat Detection
- Threat Detection Overview
- Basic Threat Detection
- Scanning Threat Detection
- Configuring and Viewing Threat Detection Statistics
- Configuring Site-to-Site VPNs Using Pre-Shared Keys
- Secure VPNs
- How IPsec Works
- Prepare to Configure an IPsec VPN
- Configuring a Site-to-Site VPN Using Pre-shared Keys
- Modifying the Site-to-Site VPN Configuration
- Test and Verify VPN Configuration
- Configuring Security Appliance Remote-Access VPNs
- Introduction to Cisco Easy VPN
- Overview of Cisco VPN Client
- Configuring Remote Access VPNs
- Configuring Users and Groups
- Configuring the Cisco ASA Security Appliance for SSL VPN
- SSL VPN Overview
- Using the SSL VPN Wizard to Configure Clientless SSL VPN
- Verifying Clientless SSL VPN Operations
- Configuring Transparent Firewall Mode
- Transparent Firewall Mode Overview
- How Data Traverses a Security Appliance in Transparent Mode
- Configuring Transparent Firewall Mode
- Monitoring and Maintaining Transparent Firewall Mode
- Configuring Security Contexts
- Security Context Overview
- Enabling Multiple Context Mode
- Configuring Security Contexts
- Managing Security Contexts
- Configuring Failover
- Understanding Failover
- Configuring Redundant Interfaces
- LAN-Based Active/Standby Failover Configuration
- Active/Active Failover Configuration
- Remote Command Execution
- Managing the Security Appliance
- Managing System Access
- Configuring Command Authorization
- Managing Configurations
- Managing Images and Activation Keys Labs
- Prepare to Use ASDM to Configure the Security Appliance
- Configure the Security Appliance with ASDM
- Configure Translations
- Configure Access Lists
- Configure Object Groups
- Configure AAA on the Security Appliance Using Cisco Secure ACS for Windows
- Configure Advanced Protocol Inspection on the Security Appliance
- Configure Threat Detection on the Security Appliance
- Configure Security Appliance Site-to-Site VPN
- Configure a Secure VPN Using IPsec Between a Security Appliance and a Cisco VPN Client
- Configure the Security Appliance to Provide Secure Clientless SSL VPN Connectivity
- Configure Security Appliance Transparent Firewall
- Configure LAN-Based Active/Standby Failover
- Configure LAN-Based Active/Active Failover
- Manage the Security Appliance