This 5-day course provides network security engineers with the knowledge and skills to implement and maintain Cisco ASA adaptive security appliances. Students will learn how to implement basic connectivity, access controls, network integration features, virtualization, high availability, and security modules. Upon completion, students will be able to configure interfaces, routing, device management, NAT, firewall modes, failover, and integrate security service modules. Prerequisites include Cisco CCNA and CCNA Security certification or equivalent knowledge.

1. Cisco® Deploying Cisco® ASA Firewall Features (FIREWALL)
Duration:
5Day(s)
Overview:
This course provides network security engineers with the knowledge and skills needed to
implement and maintain Cisco ASA adaptive security appliance-based perimeter solutions.
At Course Completion:
Skills the Student will Learn - Implement and maintain basic Cisco ASA adaptive security
appliance connectivity and device management plane features. - Implement and maintain data
plane access control features of the Cisco ASA adaptive security appliance product family. -
Implement and maintain Cisco ASA adaptive security appliance features that integrate it with the
local and global routing and switching infrastructure. - Implement and maintain Cisco ASA
adaptive security appliance virtualization and high availability features. - Evaluate Cisco ASA
adaptive security appliance SSM modules, their major features, and integrate them with the Cisco
ASA adaptive security appliance. Technical Features of the Course - Cisco ASA Adaptive Security -
Application-layer policies - Advanced access controls - NAT - Security appliance failover
Certification FIREWALL v1.0 is part of the CCNP Security track (FIREWALL v1.0 exam is 642-617
FIREWALL v1.0)
Prerequisite(s) or equivalent knowledge:
Cisco® Interconnecting Cisco® Networking Devices Part 1 (ICND1)
Cisco® Interconnecting Cisco® Networking Devices Part 2 (ICND2)
Cisco® Implementing Cisco® IOS Network Security (IINS)
Prerequisite Comments:
The knowledge and skills that a learner must have before attending this course: • Cisco
Certified Network Associate (CCNA) certification or equivalent knowledge. • Cisco Certified
Network Associate Security (CCNA Security) certification or equivalent knowledge. • Working
knowledge of the Microsoft Windows operating system
Outline:
Lesson 1: Introducing the Cisco ASA Adaptive Security Appliance
Introducing Cisco ASA Adaptive Security Appliance Technology and Features
Introducing the Cisco ASA Adaptive Security Appliance Family
Lesson 2: Implementing Basic Connectivity and Device Management
Getting Started with the Cisco ASA Adaptive Security Appliance and Cisco ASDM
Configuring Interfaces and Static Routing
Configuring Basic Device Management Features
Configuring Management Access
Lab 2-1: Configuring Basic Connectivity

2. Lab 2-2: Configuring Management Features
Lesson 3: Deploying Cisco ASA Adaptive Security Appliance Access Control Features
Configuring Basic Access Control
Using Cisco ASA Adaptive Security
Appliance Modular Policy Framework
Tuning Basic Stateful Inspection Features
Appliance Stateful Inspection Features
Configuring Application-Layer Policies
Configuring Advanced Access Controls
Configuring Resource Limits and Guarantees
Configuring User-Based Policies (Cut-Through Proxy)
Lab 3-1: Configuring Basic Access Control
Lab 3-2: Tuning Basic Cisco ASA Adaptive Security
Lab 3-3: Configuring Application-Layer Policies
Lab 3-4: Configuring Advanced Access Controls
Lab 3-5: Configuring User-Based Policies (Cut-Through Proxy)
Lesson 4: Deploying Cisco ASA Adaptive Security Appliance Network Integration Features
Deploying Network Address Translation
Configuring Cisco ASA Adaptive Security Appliance Transparent Operation
Lab 4-1: Configuring Cisco ASA Adaptive Security Appliance NAT
Lab 4-2: Configuring Transparent Firewall Mode
Lesson 5: Deploying Cisco ASA Adaptive Security Appliance Virtualization and High
Availability Features
Deploying Cisco ASA Adaptive Security Appliance Virtualization Features
Deploying Cisco ASA Adaptive Security Appliance Redundant Interfaces
Deploying Active/Standby High Availability Failover
Deploying Active/Active High Availability Failover
Lab 5-1: Deploying a Cisco ASA Adaptive Security Appliance Active/Standby Failover
Lab 5-2: Deploying a Cisco ASA Adaptive Security Appliance Active/Active Failover
Lesson 6: Integrating Cisco ASA Adaptive Security Appliance Security Service Modules
Introduction to Cisco ASA Adaptive Security Appliance Security Service Modules
Integrating the Cisco ASA Adaptive Security Appliance AIP-SSM and AIP-SSC Modules
Integrating the Cisco ASA Adaptive Security Appliance CSC-SSM Module