1­-855­-778­-7246

Implementing Advanced Cisco ASA Security (SASAA)

 

Course Content

Implementing Advanced Cisco ASA Security v2.1 provides you with knowledge of advanced features of Cisco ASA security products and enables you to implement the key features of ASA including FirePOWER services v6.0, ASA Identity Firewall, ASA Cloud Web security, ASA Clustering and virtual ASA.

Who should attend

  • Network engineers
  • Network designers and administrators
  • Network managers

Prerequisites

Implementing Core Cisco ASA Security (SASAC) or equivalent knowledge of the Cisco ASA.

Course Objectives

Upon completion of this course, you will be able to:

  • Describe the Cisco ASA 5500-X Series Next-Generation Firewalls, ASAv, ASA 5506-X, 5508-X, 5516-X, and ASASM and implement new ASA 9.4.1 features
  • Implement Cisco ASA Identity Firewall policies
  • Install and set up the Cisco Firepower Services Module (SFR)
  • Implement Cisco ASA Cloud Web Security
  • Implement cisco ASA Clustering
  • Describe Cisco ASA Security Group Firewall and Change of Authorization Support

Follow On Courses

Outline: Implementing Advanced Cisco ASA Security (SASAA)

Module 1: Cisco ASA Product Family

  • Introduction to ASA series firewalls
  • Introduction to ASAv
  • Deploy ASAv
  • ASAv Other hypervisors support, digitally signed image and management options
  • Verify ASAv VM
  • ASA 9.2.1 BGP IPv6 support
  • ASA 9.3 features
  • ASA 9.4.1 + VXLAN support
  • Describe the Cisco ASASM platforms, architecture, and features

Module 2: Cisco ASA Identity Firewall

  • ASA Identity Firewall benefits, flow and policies
  • Cisco CDA basic network configuration
  • Application status verification
  • Active directory server configuration
  • CDA user-account configuration
  • CDA GUI password policy configuration
  • Configure identity firewall policies on ASA
    • Using ASDM
    • Using CLI
  • FQDN network object configuration
  • Verify user-identity operations
  • CDA management with CLI, live log monitoring and troubleshooting

Module 3: Cisco ASA Firepower Services

  • SFR introduction
  • FireSIGHT management
  • SFR management interface, package installation and verification
  • FireSIGHT VM installation and setup
  • License requirement
  • Policy types introduction
  • Recommended rules introduction
  • Monitoring
  • ASDM and Firepower on-box FireSIGHT manager
  • Firepower dashboard, reporting, status and events viewer
  • Licensing
  • Firepower 6.0 features
  • System configurations and device platform settings
  • Firepower multidomain management

Module 4: Cisco ASA Cloud Web Security (CWS)

  • ASA with CWS introduction
  • CWS scanning processes
  • Licenses
  • ASA with CWS integration
  • CWS operations verification
  • Verify traffic redirection
  • Syslog messages
  • ScanCenter web filtering policy introduction and configuration
  • ASA CWS AMP introduction
  • CWS cognitive threat analysis
  • Threats reporting

Module 5: Cisco ASA Clustering

  • Cluster performance figures and supported platforms
  • Cluster data-interface modes and connections
  • CLL functions
  • Cluster dynamic-routing, NAT and PAT operations
  • Cluster terminology
  • TCP, asymmetric UDP, short-lived and centralized-feature traffic flows
  • Cluster management
  • Configuration with the CLI
  • Each unit configuration
  • Master unit configuration
  • Sample configuration of a two-unit cluster with spanned etherchannel and individual interface
  • Configure ASA cluster using Cisco ASDM
  • Cluster licensing
  • Verification types
  • Troubleshoot ASA cluster operations
  • Cluster features of v9.1.4, v9.2.1, v9.3.1 and v9.4.1

Module 6: Cisco ASA Security Group Firewall and Change of Authorization (Optional)

  • Cisco secure access architecture
  • SG Firewall configuration
  • SGACL operations monitoring
  • SGT features (post 9.0 releases)
  • Change of authorization introduction
  • Chang of authorization CLI and ASDM configurations

Labs:

  • Access the Remote Cisco Learning Lab Environment
  • Set Up and Test the ASAv
  • Implement New Features in ASA 9.3 and 9.4
  • Configure the Cisco CDA
  • Configure ASA IDFW
  • Cisco ASA Firepower Services Module Installation
  • Cisco Firepower Management Center Configuration
  • Configure ASA CWS
  • Cisco ASA Cluster Configuration
Online Training

Duration 5 days

Price
  • CAD 5,195
  • Cisco Learning Credits: 40 CLC
Classroom Training

Duration 5 days

Price
  • Canada: CAD 5,195
  • Cisco Learning Credits: 40 CLC
 
Click on town name to book Schedule
This is an Instructor-Led Classroom course
Fast Lane will carry out all guaranteed training regardless of the number of attendees, exempt from force majeure or other unexpected events, like e.g. accidents or illness of the trainer, which prevent the course from being conducted.
This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training.
This is a FLEX course, which is delivered both virtually and in the classroom.
  *   This class is delivered by a partner.
Canada

Currently there are no training dates scheduled for this course.  For enquiries please write to info@fastlaneca.com.

United States
Jul 13-17, 2020 Columbia, MD 09:00 US/Eastern * Enroll
Jul 13-17, 2020 Online Training 09:00 US/Central * Enroll
Jul 13-17, 2020 Online Training 09:00 US/Central * Enroll
Sep 28-Oct 2, 2020 Online Training 09:00 US/Central * Enroll
Sep 28-Oct 2, 2020 Overland Park 09:00 US/Central * Enroll
Sep 28-Oct 2, 2020 Online Training 09:00 US/Central * Enroll
Nov 30-Dec 4, 2020 Online Training 09:00 US/Central * Enroll
Nov 30-Dec 4, 2020 Online Training 09:00 US/Central * Enroll
Nov 30-Dec 4, 2020 Glendale 09:00 US/Pacific * Enroll

Fast Lane Flex™ Classroom If you can't find a suitable date, don't forget to check our world-wide FLEX™ training schedule.