Course Catalog > Cisco Routing and Switching Training > Securing Networks with ASA Foundations (SNAF)
Securing Networks with ASA Foundations (SNAF)
Securing Networks with ASA Fundamentals (SNAF)
Securing Networks with ASA Fundamentals (SNAF) is a five-day, instructor-led, lab-intensive course. This task-oriented course teaches the knowledge and skills needed to configure, maintain, and operate Cisco ASA 5500 Series Adaptive Security Appliances.
Securing Networks with ASA Fundamentals lessons and labs are now GUI-based, the commands for each configuration task are also presented in the lessons for those who prefer to configure the security appliance via the command line interface (CLI). In SNAF 1.0, learners will have the ability to implement the following:
Threat detection- Secure logging
- Remote command execution in failover pairs
- Redundant interfaces
- Modular policy framework enhancements
- Access control list renaming capability
- FTP support for SSL VPN
- Onscreen keyboard for the SSL VPN
- Administrator-defined customization of all SSL VPN user-visible content
- Personal bookmarks for SSL VPN users
The CTCLC Difference
Current Technologies Computer Learning Center uses REAL CISCO EQUIPMENT for our labs. Our certified instructors will help guide you to a sucessful completion of your training. Our Instructors are CCIE, CCNP, CCIP, CCVP, and CCSP qualified. CTCLC has convenient day or night schedules to fit your needs. We can also do onsite classes with our top notch portable labs. In our Cisco courses, EVERY STUDENT HAS THEIR OWN POD OF CISCO EQUIPMENT. Students do not share equipment. Our instructors are the very best and give 110% to their Students. We care about every student we train and we have a free resit policy for all of our courses for the same revision. You will not find a better training experience anywhere. Current Technologies Computer Learning Center is Cisco Learning Partner, Microsoft Gold Certified Partner for Learning Solutions (CPLS), CompTIA Learning Alliance Member, EC-Council Accredited Training Center, and many others. We offer the highest quality, authorized training that you will find anywhere. |
|
Objectives
Upon completing this course, you will be able to meet these overall objectives:
-
Explain the functions of the three types of firewalls used to secure today’s computer networks.
-
Describe the technology and features of Cisco security appliances.
-
Given diagrams of networks protected by Cisco Adaptive Security Appliances (ASAs) and Cisco PIX Security Appliances, explain how each appliance protects network devices from attacks and why each is an appropriate choice for the example network.
-
Given a PC and ASA, bootstrap the security appliance, prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM), and launch and navigate ASDM.
-
Given a PC and ASA, use ASDM and the CLI to perform essential security appliance configuration.
-
Given a PC and ASA, use ASDM to configure dynamic and static address translations in the security appliance.
-
Given a PC and ASA, use ASDM to configure switching and routing on the security appliance.
-
Given a PC, ASA, and a security policy, use ASDM to configure access control lists, filter malicious active codes, and filter URLs to meet the requirements of the security policy.
-
Given a PC and ASA, use the packet tracer for troubleshooting.
-
Given a PC, ASA, and a security policy, use ASDM to configure object groups that meet the requirements of the security policy.
-
Given a PC, ASA, and a security policy, use ASDM to configure AAA as needed to meet the requirements of the security policy.
-
Given a PC, ASA, and a security policy, use ASDM to configure a modular policy that supports the security policy.
-
Given a PC, ASA, and a security policy, use ASDM to configure protocol inspection to meet the requirements of the security policy.
-
Given a PC, ASA, and a security policy, use ASDM and the CLI to configure threat detection to meet the requirements of the security policy.
-
Given a student PC, ASA, and a security policy, use ASDM to configure the security appliance to support a site-to-site VPN that meets the requirements of the security policy.
-
Given a student PC and ASA, use ASDM to configure the security appliance to provide secure connectivity using remote access VPNs.
-
Given a PC, ASA, and a security policy, configure the security appliance to run in transparent firewall mode as needed to meet the requirements of the security policy.
-
Given a PC, ASA, and a security policy, enable, configure, and manage multiple contexts as needed to meet the requirements of the security policy.
-
Given a PC, ASA, and a network topology, select and configure the type of failover that best suits the network topology.
-
Given a PC, a ASA, and a security policy, monitor and manage an installed security appliance.
Duration
- 5 days, Instructor-led classroom training
Prerequisites
- Skills and knowledge equivalent to Interconnecting Cisco Networking Devices Part 1 (ICND1)
- Skills and knowledge equivalent to Interconnecting Cisco Networking Devices Part 2 (ICND2)
- Working knowledge of the Windows operating system
- Familiarity with networking and security terms and concepts
CTCLC Special Discounts
SNAF
Securing Networks with ASA Foundation
$3,495.00
Call (219) 764-3800 for Current Specials
Above pricing is for Portage, Indiana location
Special prices available for on-site training
For more Information or Registration for Securing Networks with ASA Fundamentals (SNAF) or Redeeming Cisco Learning Credits
Contacts Us
EMail: Sales@ctclc.com
Phone: (219) 764-3800
Who Should Attend
The primary audience for this course is as follows:
- Network designers
- Network administrators
- Network engineers
- Network managers
- Systems engineers
- Project Managers
- Cisco customers who implement and maintain Cisco ASA security appliances
- Cisco channel partners who sell, implement, and maintain ASA security appliances
- Cisco engineers who support the sale of ASA security appliances
Course Outline:
Lesson 1: Introducing Cisco Security Appliance Technology and Features
- Firewalls
- Security Appliance Overview
Lesson 2: Introducing the Cisco ASA and PIX Security Appliance Families
- Models and Features of Cisco Security Appliances
- ASA Licensing
Lesson 3: Getting Started with Cisco Security Appliances
- User Interface
- File Management
- Security Appliance Security Levels ASDM Overview and Operating Requirements
- Preparing to Use ASDM
- Navigating ASDM Windows
Lesson 4: Configuring a Security Appliance
- Basic Security Appliance Configuration
- Examining Security Appliance Status
- Time Setting and NTP Support
- Syslog Configuration
Lesson 5: Configuring Translations and Connection Limits
- Transport Protocols
- Network Address Translation
- Port Address Translation
- Static Translations
- SYN Cookies and Connection Limits
- Connections and Translations
Lesson 6: Using ACLs and Content Filtering 
- ACLs
- Malicious Active Code Filtering
- URL Filtering
- Packet Tracer
Lesson 7: Configuring Object Grouping
- Overview of Object Grouping
- Configuring Object Groups and Using Them in ACLs
Lesson 8: Switching and Routing on Cisco Security Appliances
- VLAN Capabilities
- Static Routing
- Dynamic Routing
Lesson 9: Configuring AAA for Cut-Through Proxy
- Introduction to AAA
- Configuring the Local User Database
- Installing Cisco Secure ACS for Windows
- Cut-Through Proxy Authentication Configuration
- Authentication Prompts and Timeouts
- Authorization Configuration
- Accounting Configuration
Lesson 10: Configuring the Cisco Modular Policy Framework
- Modular Policy Framework Overview
- Class Map Overview
- Policy Map Overview
- Using ASDM to Configure a Modular Policy
- Configuring a Management Policy
- Displaying Modular Policy Framework Commands
Lesson 11: Configuring Advanced Protocol Handling
- Advanced Protocol Handling
- Protocol Application Inspection
- Multimedia Support
Lesson 12: Configuring Threat Detection
- Threat Detection Overview
- Basic Threat Detection
- Scanning Threat Detection
- Configuring and Viewing Threat Detection Statistics
Lesson 13: Configuring Site-to-Site VPNs Using Pre-Shared Keys
- Secure VPNs
- How IPsec Works
- Prepare to Configure an IPsec VPN
- Configuring a Site-to-Site VPN Using Pre-shared Keys
- Modifying the Site-to-Site VPN Configuration
- Test and Verify VPN Configuration
Lesson 14: Configuring Security Appliance Remote-Access VPNs
- Introduction to Cisco Easy VPN
- Overview of Cisco VPN Client
- Configuring Remote Access VPNs
- Configuring Users and Groups
Lesson 15: Configuring the Cisco ASA Security Appliance for SSL VPN
- SSL VPN Overview
- Using the SSL VPN Wizard to Configure Clientless SSL VPN
- Verifying Clientless SSL VPN Operations
Lesson 16: Configuring Transparent Firewall Mode
- Transparent Firewall Mode Overview
- How Data Traverses a Security Appliance in Transparent Mode
- Configuring Transparent Firewall Mode
- Monitoring and Maintaining Transparent Firewall Mode
Lesson 17: Configuring Security Contexts
- Security Context Overview
- Enabling Multiple Context Mode
- Configuring Security Contexts
- Managing Security Contexts
Lesson 18: Configuring Failover
- Understanding Failover
- Configuring Redundant Interfaces
- LAN-Based Active/Standby Failover Configuration
- Active/Active Failover Configuration
- Remote Command Execution
Lesson 19: Managing the Security Appliance
- Managing System Access
- Configuring Command Authorization
- Managing Configurations
- Managing Images and Activation Keys
Hands-on Lab Exercises
- Lab 3-1: Prepare to Use ASDM to Configure the Security Appliance
- Lab 4-1: Configure the Security Appliance with ASDM
- Lab 5-1: Configure Translations
- Lab 6-1: Configure Access Lists
- Lab 7-1: Configure Object Groups
- Lab 9-1: Configure AAA on the Security Appliance Using Cisco Secure ACS for Windows
- Lab 11-1: Configure Advanced Protocol Inspection on the Security Appliance
- Lab 12-1: Configure Threat Detection on the Security Appliance
- Lab 13-1: Configure Security Appliance Site-to-Site VPN
- Lab 14-1: Configure a Secure VPN Using IPsec Between a Security Appliance and a Cisco VPN Client
- Lab 15-1: Configure the Security Appliance to Provide Secure Clientless SSL VPN Connectivity
- Lab 16-2: Configure Security Appliance Transparent Firewall
- Lab 18-1: Configure LAN-Based Active/Standby Failover
- Lab 18-2: Configure LAN-Based Active/Active Failover
- Lab 19-1: Manage the Security Appliance
Certification Path
Required Exam(s) |
Recommended Training |
|
|---|---|---|
642-524 |
|
|
Current Technologies Computer Learning Center is an authorized VUE Cisco Testing Center .
Registration Information
For more Information or Registration for Securing Networks with ASA Fundamentals (SNAF) or Redeeming Cisco Learning Credits
Contacts Us
EMail: Sales@ctclc.com
Phone: (219) 764-3800