1­-855­-778­-7246
> > > SSNGFW

Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW)

 

Contenu

The Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) v1.0 course shows you how to deploy and use Cisco Firepower® Threat Defense system. This hands-on course gives you knowledge and skills to use and configure Cisco® Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting.

This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist – Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, Securing Networks with Cisco Firepower Next-Generation Intrusion Prevention System (SSFIPS). You can take these courses in any order.

A qui s'adresse cette formation

This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS and NGFW in their network environments.

Targeted roles include:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

Certifications

Cette formation fait partie de la certification:

Pré-requis

Cisco recommends that you have the following knowledge and skills before taking this course:

  • Technical understanding of TCP/IP networking and network architecture
  • Basic familiarity with firewall and IPS concepts

Objectifs

This class will help you:

  • Implement Cisco Firepower NGFW to provide advanced threat protection before, during, and after attacks
  • Gain leading-edge skills for high-demand responsibilities focused on security


After taking this course, you should be able to:

  • Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios
  • Perform initial Cisco Firepower Threat Defense device configuration and setup tasks
  • Describe how to manage traffic and implement quality of service (QoS) using Cisco Firepower Threat Defense
  • Describe how to implement NAT by using Cisco Firepower Threat Defense
  • Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services
  • Describe the behavior, usage, and implementation procedure for access control policies
  • Describe the concepts and procedures for implementing security intelligence features

Outline: Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW)

Cisco Firepower Threat Defense Overview

  • Examining Firewall and IPS Technology
  • Firepower Threat Defense Features and Components
  • Examining Firepower Platforms
  • Cisco Firepower Implementation Use Cases

Cisco Firepower NGFW Device Configuration

  • Firepower Threat Defense Device Registration
  • FXOS and Firepower Device Manager
  • Initial Device Setup
  • Managing NGFW Devices
  • Examining Firepower Management Center Policies
  • Examining Objects
  • Examining System Configuration and Health Monitoring
  • Device Management
  • Examining Firepower High Availability
  • Configuring High Availability
  • Cisco ASA to Firepower Migration
  • Migrating from Cisco ASA to Firepower Threat Defense

Cisco Firepower NGFW Traffic Control

  • Firepower Threat Defense Packet Processing
  • Implementing QoS
  • Bypassing Traffic

Cisco Firepower NGFW Address Translation

  • NAT Basics
  • Implementing NAT
  • NAT Rule Examples
  • Implementing NAT

Cisco Firepower Discovery

  • Examining Network Discovery
  • Configuring Network Discovery
  • Implementing Access Control Policies
  • Examining Access Control Policies
  • Examining Access Control Policy Rules and Default Action
  • Implementing Further Inspection
  • Examining Connection Events
  • Access Control Policy Advanced Settings
  • Access Control Policy Considerations
  • Implementing an Access Control Policy

Security Intelligence

  • Examining Security Intelligence
  • Examining Security Intelligence Objects
  • Security Intelligence Deployment and Logging
  • Implementing Security Intelligence

File Control and Advanced Malware Protection

  • Examining Malware and File Policy
  • Examining Advanced Malware Protection

Next-Generation Intrusion Prevention Systems

  • Examining Intrusion Prevention and Snort Rules
  • Examining Variables and Variable Sets
  • Examining Intrusion Policies

Site-to-Site VPN

  • Examining IPsec
  • Site-to-Site VPN Configuration
  • Site-to-Site VPN Troubleshooting
  • Implementing Site-to-Site VPN

Remote-Access VPN

  • Examining Remote-Access VPN
  • Examining Public-Key Cryptography and Certificates
  • Examining Certificate Enrollment
  • Remote-Access VPN Configuration
  • Implementing Remote-Access VPN

SSL Decryption

  • Examining SSL Decryption
  • Configuring SSL Policies
  • SSL Decryption Best Practices and Monitoring

Detailed Analysis Techniques

  • Examining Event Analysis
  • Examining Event Types
  • Examining Contextual Data
  • Examining Analysis Tools
  • Threat Analysis

System Administration

  • Managing Updates
  • Examining User Account Management Features
  • Configuring User Accounts
  • System Administration

Cisco Firepower Troubleshooting

  • Examining Common Misconfigurations
  • Examining Troubleshooting Commands
  • Firepower Troubleshooting
Classroom training

Durée 5 jours

Prix
  • Canada: CAD 5 200,-
  • Cisco Learning Credits: 40 CLC
Formation en ligne

Durée 5 jours

Prix
  • Canada: CAD 5 200,-
  • Cisco Learning Credits: 40 CLC
 
pointer une ville pour s'enregistrer Agenda
This is an Instructor-Led Classroom course
Fast Lane s’engage à mettre en œuvre les formations garanties quelque soit le nombre de participants, en dehors des cas de force majeurs ou d’événements exceptionnels, comme un accident ou un maladie de l’instructeur.
Cours en ligne avec instructeur
  *   This class is delivered by a partner.
Canada

Actuellement aucune session planifiée  For enquiries please write to info@fastlaneca.com.

Etats-Unis
Nov 18-22, 2019 garanti ! Formation en ligne 09:00 US/Eastern * S'inscrire
Dec 9-13, 2019 Formation en ligne 10:00 US/Central * S'inscrire
Dec 9-13, 2019 garanti ! Formation en ligne 09:00 US/Pacific * S'inscrire
Dec 16-20, 2019 garanti ! Formation en ligne 09:00 US/Eastern * S'inscrire
Jan 6-10, 2020 Formation en ligne 09:00 US/Mountain * S'inscrire
Jan 13-17, 2020 Formation en ligne 09:00 US/Central * S'inscrire
Jan 27-31, 2020 Formation en ligne 09:00 US/Eastern * S'inscrire
Feb 3-7, 2020 Formation en ligne 09:00 US/Pacific * S'inscrire
Feb 10-14, 2020 Formation en ligne 09:00 US/Eastern * S'inscrire
Feb 24-28, 2020 Formation en ligne 09:00 US/Central * S'inscrire
Europe
Pays-Bas
Dec 2-6, 2019 garanti ! Formation en ligne Fuseau horaire: Europe/Amsterdam Langue: Anglais * S'inscrire
Feb 17-21, 2020 Formation en ligne Fuseau horaire: Europe/Amsterdam Langue: Anglais * S'inscrire
Royaume-Uni
Nov 25-29, 2019 garanti ! Formation en ligne Fuseau horaire: Europe/London * S'inscrire
Jan 20-24, 2020 Formation en ligne Fuseau horaire: Europe/London * S'inscrire
Mar 9-13, 2020 Formation en ligne Fuseau horaire: Europe/London * S'inscrire