Cisco ASA Essentials- Implementing Cisco ASA Security Features with FirePower Integration

This course provides advanced training on the key Cisco ASA features including the following:

• Describe the Cisco ASA 5500-X Basic Connectivity and Device Management
• Access Control and Troubleshooting
• MPF Basic Application
• Clientless SSL VPN
• Full Client AnyConnect VPN
• Active-Standby HA and Cluster
• Install and Set up the Cisco FirePOWER Services Module (SFR)
• Configuring and Testing ASA SFR

Module 1: Evaluating Cisco ASA Adaptive Security Appliance Technologies

• Firewall Technologies

Module 2: Basic Connectivity and Device Management

• Managing the Cisco ASA Boot Process
• Managing the Cisco ASA Adaptive Security Appliance Using CLI
• Managing the Cisco ASA Using Cisco ASDM
• Navigating Basic Cisco ASDM Features
• Managing the Cisco ASA Basic Upgrade
• Managing Cisco ASA Security Levels
• Configuring and Verifying Basic Connectivity Parameters
• Troubleshooting Basic Connectivity

Module 3: Cisco ASA Policy Control

• Cisco MPF Overview
• Configuring and Verifying Layer 3 and Layer 4 Policies

Module 4: Cisco ASA VPN Common Components

• VPN Definition
• Key Threats to WANs and Remote Access
• VPN Types
• Cisco ASA VPN Policy Configuration
• Cisco ASA Connection Profiles
• Cisco ASA VPN AAA and External Policy Storage
• Cisco ASA User attributes
• Access Control Methods
• VPN Accounting Using Externals Servers
• Dynamic Access Policy for SSL VPN
• Using PKI
• Provisioning Server-Side Certificates on the Cisco ASA Adaptive Security Appliance
• CA Servers
• Deploying Client-Based Certificate Authentication
• SCEP Proxy Operation
• Enable Certificate Authentication in Connection Profile
• Configuring Certificate-to-Connection Profile Mappings

Module 5: Cisco Clientless VPN

• Cisco Clientless SSL VPN
• Cisco Clientless SSL VPN Use Cases
• Cisco Clientless SSL VPN Resource Access Methods
• Secure Sockets Layer and Transport Layer Security
• SSL Session Setup and Key Management
• SSL Server Authentication
• SSL Client Authentication
• SSL Transmission Protection
• Basic Cisco Clientless SSL VPN
• Server Authentication in Basic Clientless SSL VPN
• Client-side Authentication in Basic Clientless SSL VPN
• Clientless SSL VPN URL Entry and Bookmarks
• Basic Access Control for Clientless SSL VPN
• Disabling Content Rewriting
• Basic Clientless SSL VPN Configuration Tasks
• Basic Clientless SSL VPN Configuration Scenario
• Configuring Basic Cisco Clientless SSL VPN
• Verify Basic Cisco Clientless SSL VPN
• Troubleshooting Basic Clientless SSL VPN Operations
• Cisco Clientless SSL VPN Application Access Overview
• Application Plug-Ins
• Configuring Application Plug-ins
• Verify Clientless SSL VPN Application Plug-Ins
• Troubleshooting Clientless SSL VPN Application Plug-Ins
• Smart Tunnels
• Configuring Smart Tunnels
• Verifying Smart Tunnels
• Troubleshoot Smart Tunnels
• Client-side Authentication Options
• Client-side Authentication and Authorization Using AAA Server
• Double Client-side Authentication Using AAA Servers

Module 6: Cisco AnyConnect Full Tunnel VPN Solution

• Basic Cisco AnyConnect SSL VPN
• SSL VPN Clients Authentication
• SSL VPN Clients IP Address Assignment
• SSL VPN Split Tunneling
• Configuration Scenario
• Configuration Tasks
• Enable AnyConnect SSL VPN
• Define IP Address Pool
• Configure Identity NAT
• Configure Group Policy
• Configure Group Policy: Split Tunneling
• Configure Connection Profile
• Monitor AnyConnect VPN on Client
• Monitor AnyConnect VPN on Server
• Cisco AnyConnect SSL VPN Solution Components
• DTLS Overview
• Parallel DTLS and TLS Tunnels
• Configure DTLS
• Verify DTLS
• Cisco AnyConnect Client Configuration Management
• Managing Cisco AnyConnect Software from Cisco ASA
• Cisco AnyConnect Client Operating System Integration Options
• Deploying Cisco AnyConnect Trusted Network Detection
• Cisco AnyConnect Start Before Logon
• Deploying Cisco AnyConnect Start Before Logon
• Cisco AnyConnect Advanced Authentication Scenarios
• Certificate-Based Server Authentication
• Client Enrollment Methods
• Methods for Revoking Credentials
• Enable Certificate-Based Authentication
• Enable Two-Factor Authentication
• Two-Factor Authentication with Name Pre-Fill
• Local Authorization Overview
• Local Authorization Configuration Procedure
• Configure Local Authorization
• Verify Local Authorization
• External Authorization Scenario
• Configure Authorization Using LDAP/AD
• Verify External Authorization
• Troubleshooting Cisco AnyConnect VPN
• AnyConnect Support for IKEv2
• Internet Key Exchange v1 and v2
• Making IPsec the Primary Protocol for a Host Entry
• IKEv2 Configuration Procedure
• Configure a Cisco AnyConnect IPsec VPN on a Cisco ASA
• Verify and Troubleshoot Cisco AnyConnect IPsec VPN on Cisco ASA

Module 7: Cisco ASA High Availability

• Configuring Cisco ASA Active / Standby Failover High Availability
• Configuring and Verifying Active / Standby Failover
• Tuning and Managing Active / Standby Failover
• Remote Command Execution
• Troubleshooting Active / Standby Failover

Module 8: Cisco ASA FirePower (SFR) Module

• Describing Cisco ASA Cluster Features
• Cluster Performance Figures and Supported Platforms
• Cluster Data-Interface Modes
• Cluster Data-Interface Connections
• CCL Functions
• Cluster Master and Slave Unit Election
• Centralized, Distributed and Unsupported Cisco ASA Features
• Cluster Dynamic-Routing Operations
• Cluster NAT and PAT Operations

Module 9: Cisco ASA FirePower (SFR) Module

• Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center
• Configuring ASA Firepower Services v6.0 New Features

Suggested that you have the knowledge of CCNA-Implementing and Administering Cisco Solutions

• Network administrators, managers, coordinators
• Anyone who requires advanced training on the ASA 5500-X
• Security technicians, administrators, and engineers