your one source for IT & AV

Training Presentation Systems Services & Consulting Cloud Services Purchase Client Center Computer Museum
Arrow Course Schedule | Classroom Rentals | Student Information | Free Seminars | Client Feedback | Partners | Survey | Standby Discounts

Cisco ASA Essentials- Implementing Cisco ASA Security Features with FirePower Integration

SS Course: GK821245

Course Overview


This course provides advanced training on the key Cisco ASA features including the following:

  • Describe the Cisco ASA 5500-X Basic Connectivity and Device Management
  • Access Control and Troubleshooting
  • MPF Basic Application
  • Clientless SSL VPN
  • Full Client AnyConnect VPN
  • Active-Standby HA and Cluster
  • Install and Set up the Cisco FirePOWER Services Module (SFR)
  • Configuring and Testing ASA SFR

Scheduled Classes




Module 1: Evaluating Cisco ASA Adaptive Security Appliance Technologies

  • Firewall Technologies

Module 2: Basic Connectivity and Device Management

  • Managing the Cisco ASA Boot Process
  • Managing the Cisco ASA Adaptive Security Appliance Using CLI
  • Managing the Cisco ASA Using Cisco ASDM
  • Navigating Basic Cisco ASDM Features
  • Managing the Cisco ASA Basic Upgrade
  • Managing Cisco ASA Security Levels
  • Configuring and Verifying Basic Connectivity Parameters
  • Troubleshooting Basic Connectivity

Module 3: Cisco ASA Policy Control

  • Cisco MPF Overview
  • Configuring and Verifying Layer 3 and Layer 4 Policies

Module 4: Cisco ASA VPN Common Components

  • VPN Definition
  • Key Threats to WANs and Remote Access
  • VPN Types
  • Cisco ASA VPN Policy Configuration
  • Cisco ASA Connection Profiles
  • Cisco ASA VPN AAA and External Policy Storage
  • Cisco ASA User attributes
  • Access Control Methods
  • VPN Accounting Using Externals Servers
  • Dynamic Access Policy for SSL VPN
  • Using PKI
  • Provisioning Server-Side Certificates on the Cisco ASA Adaptive Security Appliance
  • CA Servers
  • Deploying Client-Based Certificate Authentication
  • SCEP Proxy Operation
  • Enable Certificate Authentication in Connection Profile
  • Configuring Certificate-to-Connection Profile Mappings

Module 5: Cisco Clientless VPN

  • Cisco Clientless SSL VPN
  • Cisco Clientless SSL VPN Use Cases
  • Cisco Clientless SSL VPN Resource Access Methods
  • Secure Sockets Layer and Transport Layer Security
  • SSL Session Setup and Key Management
  • SSL Server Authentication
  • SSL Client Authentication
  • SSL Transmission Protection
  • Basic Cisco Clientless SSL VPN
  • Server Authentication in Basic Clientless SSL VPN
  • Client-side Authentication in Basic Clientless SSL VPN
  • Clientless SSL VPN URL Entry and Bookmarks
  • Basic Access Control for Clientless SSL VPN
  • Disabling Content Rewriting
  • Basic Clientless SSL VPN Configuration Tasks
  • Basic Clientless SSL VPN Configuration Scenario
  • Configuring Basic Cisco Clientless SSL VPN
  • Verify Basic Cisco Clientless SSL VPN
  • Troubleshooting Basic Clientless SSL VPN Operations
  • Cisco Clientless SSL VPN Application Access Overview
  • Application Plug-Ins
  • Configuring Application Plug-ins
  • Verify Clientless SSL VPN Application Plug-Ins
  • Troubleshooting Clientless SSL VPN Application Plug-Ins
  • Smart Tunnels
  • Configuring Smart Tunnels
  • Verifying Smart Tunnels
  • Troubleshoot Smart Tunnels
  • Client-side Authentication Options
  • Client-side Authentication and Authorization Using AAA Server
  • Double Client-side Authentication Using AAA Servers

Module 6: Cisco AnyConnect Full Tunnel VPN Solution

  • Basic Cisco AnyConnect SSL VPN
  • SSL VPN Clients Authentication
  • SSL VPN Clients IP Address Assignment
  • SSL VPN Split Tunneling
  • Configuration Scenario
  • Configuration Tasks
  • Enable AnyConnect SSL VPN
  • Define IP Address Pool
  • Configure Identity NAT
  • Configure Group Policy
  • Configure Group Policy: Split Tunneling
  • Configure Connection Profile
  • Monitor AnyConnect VPN on Client
  • Monitor AnyConnect VPN on Server
  • Cisco AnyConnect SSL VPN Solution Components
  • DTLS Overview
  • Parallel DTLS and TLS Tunnels
  • Configure DTLS
  • Verify DTLS
  • Cisco AnyConnect Client Configuration Management
  • Managing Cisco AnyConnect Software from Cisco ASA
  • Cisco AnyConnect Client Operating System Integration Options
  • Deploying Cisco AnyConnect Trusted Network Detection
  • Cisco AnyConnect Start Before Logon
  • Deploying Cisco AnyConnect Start Before Logon
  • Cisco AnyConnect Advanced Authentication Scenarios
  • Certificate-Based Server Authentication
  • Client Enrollment Methods
  • Methods for Revoking Credentials
  • Enable Certificate-Based Authentication
  • Enable Two-Factor Authentication
  • Two-Factor Authentication with Name Pre-Fill
  • Local Authorization Overview
  • Local Authorization Configuration Procedure
  • Configure Local Authorization
  • Verify Local Authorization
  • External Authorization Scenario
  • Configure Authorization Using LDAP/AD
  • Verify External Authorization
  • Troubleshooting Cisco AnyConnect VPN
  • AnyConnect Support for IKEv2
  • Internet Key Exchange v1 and v2
  • Making IPsec the Primary Protocol for a Host Entry
  • IKEv2 Configuration Procedure
  • Configure a Cisco AnyConnect IPsec VPN on a Cisco ASA
  • Verify and Troubleshoot Cisco AnyConnect IPsec VPN on Cisco ASA

Module 7: Cisco ASA High Availability

  • Configuring Cisco ASA Active / Standby Failover High Availability
  • Configuring and Verifying Active / Standby Failover
  • Tuning and Managing Active / Standby Failover
  • Remote Command Execution
  • Troubleshooting Active / Standby Failover

Module 8: Cisco ASA FirePower (SFR) Module

  • Describing Cisco ASA Cluster Features
  • Cluster Performance Figures and Supported Platforms
  • Cluster Data-Interface Modes
  • Cluster Data-Interface Connections
  • CCL Functions
  • Cluster Master and Slave Unit Election
  • Centralized, Distributed and Unsupported Cisco ASA Features
  • Cluster Dynamic-Routing Operations
  • Cluster NAT and PAT Operations

Module 9: Cisco ASA FirePower (SFR) Module

  • Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center
  • Configuring ASA Firepower Services v6.0 New Features



    Suggested that you have the knowledge of CCNA-Implementing and Administering Cisco Solutions

      Who Should Attend

      • Network administrators, managers, coordinators
      • Anyone who requires advanced training on the ASA 5500-X
      • Security technicians, administrators, and engineers