Description
Securing Networks with ASA Fundamentals (SNAF) v1.0
is a five-day, instructor-led, lab-intensive course, which will be
delivered by Cisco Learning Partners. This task-oriented course teaches
the knowledge and skills needed to configure, maintain, and operate
Cisco ASA 5500 Series Adaptive Security Appliances.
This course updates Securing Networks with PIX and
ASA (SNPA) v5.0. In SNAF 1.0, the ASDM 6.0 graphical user interface
(GUI) is used for configuration and monitoring. Although all lessons
and labs are now GUI-based, the commands for each configuration task
are also presented in the lessons for those who prefer to configure the
security appliance via the command line interface (CLI). In SNAF 1.0,
lessons have been updated to cover new features in Cisco ASA and PIX
Security Appliance Software Version 8.0(2), including the following:
- Threat detection
- Secure logging
- Remote command execution in failover pairs
- Redundant interfaces
- Modular policy framework enhancements
- Access control list renaming capability
- FTP support for SSL VPN
- Onscreen keyboard for the SSL VPN
- Administrator-defined customization of all SSL VPN user-visible content
- Personal bookmarks for SSL VPN users
Objectives
- Explain the functions of the three types of firewalls used to secure today's computer networks.
- Describe the technology and features of Cisco security appliances.
- Given diagrams of networks protected by Cisco Adaptive
Security Appliances (ASAs) and Cisco PIX Security Appliances, explain
how each appliance protects network devices from attacks and why each
is an appropriate choice for the example network.
- Given a PC and a Cisco 5520 ASA, bootstrap the security
appliance, prepare the security appliance for configuration via the
Cisco Adaptive Security Device Manager (ASDM), and launch and navigate
ASDM.
- Given a PC and a Cisco 5520 ASA, use ASDM and the CLI to perform essential security appliance configuration.
- Given a PC and a Cisco 5520 ASA, use ASDM to configure dynamic and static address translations in the security appliance.
- Given a PC and a Cisco 5520 ASA, use ASDM to configure switching and routing on the security appliance.
- Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM
to configure access control lists, filter malicious active codes, and
filter URLs to meet the requirements of the security policy.
- Given a PC and a Cisco 5520 ASA, use the packet tracer for troubleshooting.
- Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM
to configure object groups that meet the requirements of the security
policy.
- Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM
to configure AAA as needed to meet the requirements of the security
policy.
- Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM to configure a modular policy that supports the security policy.
- Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM
to configure protocol inspection to meet the requirements of the
security policy.
- Given a PC, a Cisco 5520 ASA, and a security policy, use ASDM
and the CLI to configure threat detection to meet the requirements of
the security policy.
- Given a student PC, a Cisco 5520 ASA, and a security policy,
use ASDM to configure the security appliance to support a site-to-site
VPN that meets the requirements of the security policy.
- Given a student PC and a Cisco 5520 ASA, use ASDM to
configure the security appliance to provide secure connectivity using
remote access VPNs.
- Given a PC, a Cisco 5520 ASA, and a security policy,
configure the security appliance to run in transparent firewall mode as
needed to meet the requirements of the security policy.
- Given a PC, a Cisco 5520 ASA, and a security policy, enable,
configure, and manage multiple contexts as needed to meet the
requirements of the security policy.
- Given a PC, a Cisco 5520 ASA, and a network topology, select
and configure the type of failover that best suits the network
topology.
- Given a PC, a Cisco 5520 ASA, and a security policy, monitor and manage an installed security appliance.
Prerequisites
- Cisco CCNAŽ certification or the equivalent knowledge
- Basic knowledge of the Microsoft Windows operating system
- Familiarity with networking and security terms and concepts
Who Should Attend
The primary and secondary audience for this course is as follows:
- Cisco customers who implement and maintain Cisco ASA security appliances
- Cisco channel partners who sell, implement, and maintain ASA security appliances
- Cisco engineers who support the sale of ASA security appliances
|