• Course
  • Vendor

This enhanced course contains added depth to the standard labs, using a topology that simulates a typical production network. You'll use ASA 5515 appliances to work through configuring access control to and from your network.

  • Course Start Date: 2019-06-03
  • Time: 08:30:00 - 16:30:00
  • Duration: 5 days 08:30 AM - 04:30 PM
  • Location: Virtual
  • Delivery Methods(s): Virtual Instructor Led

Course Outline

Pre-Requisites

Knowledge of the Cisco ASA IINS 2.0 - Implementing Cisco IOS Network Security

Lessons

Learn the essential skills required to work with the Cisco ASA 5500-X Next Generation Firewall features.

This enhanced course contains added depth to the standard labs, using a topology that simulates a typical production network. You'll use ASA 5515 appliances to work through configuring access control to and from your network.

Additionally, the PC systems and server systems are an integral part of the lab environment. Here you will use Windows 8, Windows Server 2012, and Kali Linux to manage, test, and even attack your lab network using real-world operating systems and applications.

A Global Knowledge Exclusive:  You Get...
  • An enhanced lab topology based on our Flexible Security Architecture that represents a real-world network
  • 10 extra e-Lab credits, good for 30 days, so you can practice and refine your skills
  • Enhanced content that exceeds standard authorized Cisco content
  • World-class Certified Cisco Systems instructors
What You'll Learn
  • Essentials of Cisco ASA
  • Basic connectivity and device management
  • Network integration
  • Configure common features of the Cisco ASA OS
  • Cisco ASA policy control
  • Core Cisco ASA VPN common components
  • Main VPN components
  • Cisco clientless VPN solutions
  • Cisco AnyConnect full tunnel VPN solution
  • Cisco ASA high availability and virtualization options
  • Features of Cisco ASA 5500-X Series Next-Generation Firewalls
Who Needs to Attend

Network engineers supporting Cisco ASA 9.x implementations

Follow-On Courses
  • SASAA - Implementing Advanced Cisco ASA Security v1.2
Certification Programs and Certificate Tracks

This course is part of the following programs or tracks:

  • CCIE Security
Course Outline
1. Cisco ASA Essentials
  • Firewall Technologies
  • Cisco ASA Features
  • Cisco ASA Hardware
  • Cisco ASA Licensing Options
  • Cisco ASA Licensing Requirements
2. Basic Connectivity and Device Management
  • Managing the Cisco ASA Boot Process
  • Managing the Cisco ASA Using the CLI
  • Managing the Cisco ASA Using Cisco ASDM
  • Navigating Basic Cisco ASDM Features
  • Managing the Cisco ASA Basic Upgrade
  • Managing Cisco ASA Security Levels
  • Configuring and Verifying Basic Connectivity Parameters
  • Configuring and Verifying Interface VLANs
  • Configuring a Default Route
  • Configuring and Verifying the Cisco ASA Security Appliance DHCP Server
  • Troubleshooting Basic Connectivity
3. Network Integration
  • NAT on Cisco ASA Security Appliances
  • Configuring Object (Auto) NAT
  • Configuring Manual NAT
  • Tuning and Troubleshooting NAT on the Cisco ASA
  • Connection Table and Local Host Table
  • Configuring and Verifying Interface ACLs
  • Configuring and Verifying Global ACLs
  • Configuring and Verifying Object Groups
  • Configuring and Verifying Public Servers
  • Configuring and Verifying Other Basic Access Controls
  • Troubleshooting ACLs
  • Static Routing
  • Dynamic Routing
  • EIGRP Configuration and Verification
  • Multicast Support
4. Cisco ASA Policy Control
  • Cisco MPF Overview
  • Configuring and Verifying Layer 3 and Layer 4 Policies
  • Configuring and Verifying a Policy for Management Traffic
  • Layer 5 to Layer 7 Policy Control Overview
  • Configuring and Verifying HTTP Inspection
  • Configuring and Verifying FTP Inspection
  • Supporting Other Layer 5 to Layer 7 Applications
  • Troubleshooting Application Layer Inspection
5. Cisco ASA VPN Common Components
  • VPN Definition
  • Key Threats to WANs and Remote Access
  • VPN Types
  • VPN Components
  • Cisco ASA VPN Policy Configuration
  • Cisco ASA Connection Profiles
  • Cisco ASA Group Policies
  • Cisco ASA VPN AAA and External Policy Storage
  • Cisco ASA User Attributes
  • Access Control Methods
  • VPN Accounting Using External Servers
  • Dynamic Access Policy for SSL VPN
  • Using PKI
  • Provisioning Server-Side Certificates on the Cisco ASA Adaptive Security Appliance
  • CA Servers
  • Deploying Client-Based Certificate Authentication
  • SCEP Proxy Operations
  • Enable Certificate Authentication in Connection Profile
  • Configuring Certificate-to-Connection Profile Mappings
6. Cisco Clientless VPN Solution
  • Cisco Clientless SSL VPN
  • Cisco Clientless SSL VPN Use Cases
  • Cisco Clientless SSL VPN Resource Access Methods
  • Secure Sockets Layer and Transport Layer Security
  • SSL Session Setup and Key Management
  • SSL Server Authentication
  • SSL Client Authentication
  • SSL Transmission Protection
  • Basic Cisco Clientless SSL VPN
  • Server Authentication in Basic Clientless SSL VPN
  • Client-side Authentication in Basic Clientless SSL VPN
  • Clientless SSL VPN URL Entry and Bookmarks
  • Basic Access Control for Clientless SSL VPN
  • Disabling Content Rewriting
  • Basic Clientless SSL VPN Configuration Tasks
  • Basic Clientless SSL VPN Configuration Scenario
  • Configuring Basic Cisco Clientless SSL VPN
  • Verify Basic Cisco Clientless SSL VPN
  • Troubleshooting Basic Clientless SSL VPN Operations
  • Cisco Clientless SSL VPN Application Access Overview
  • Application Plug-Ins
  • Configuring Application Plug-ins
  • Verify Clientless SSL VPN Application Plug-Ins
  • Troubleshooting Clientless SSL VPN Application Plug-Ins
  • Smart Tunnels
  • Configuring Smart Tunnels
  • Verifying Smart Tunnels
  • Troubleshoot Smart Tunnels
  • Client-side Authentication Options
  • Client-side Authentication and Authorization Using AAA Server
  • Double Client-side Authentication Using AAA Servers
  • Troubleshooting Client-side AAA Authentication
7. Cisco AnyConnect Full Tunnel VPN Solution
  • Basic Cisco AnyConnect SSL VPN
  • SSL VPN Clients Authentication
  • SSL VPN Clients IP Address Assignment
  • SSL VPN Split Tunneling
  • Configuration Scenario
  • Configuration Tasks
  • Enable AnyConnect SSL VPN
  • Define IP Address Pool
  • Configure Identity NAT
  • Configure Group Policy
  • Configure Group Policy: Split Tunneling
  • Configure Connection Profile
  • Monitor AnyConnect VPN on Client
  • Monitor AnyConnect VPN on Server
  • Cisco AnyConnect SSL VPN Solution Components
  • DTLS Overview
  • Parallel DTLS and TLS Tunnels
  • Configure DTLS
  • Verify DTLS
  • Cisco AnyConnect Client Configuration Management
  • Managing Cisco AnyConnect Software from Cisco ASA
  • Cisco AnyConnect Client Operating System Integration Options
  • Deploying Cisco AnyConnect Trusted Network Detection
  • Cisco AnyConnect Start Before Logon
  • Deploying Cisco AnyConnect Start Before Logon
  • Cisco AnyConnect Advanced Authentication Scenarios
  • Certificate-Based Server Authentication
  • Client Enrollment Methods
  • Methods for Revoking Credentials
  • Enable Certificate-Based Authentication
  • Enable Two-Factor Authentication
  • Two-Factor Authentication with Name Pre-Fill
  • Local Authorization Overview
  • Local Authorization Configuration Procedure
  • Configure Local Authorization
  • Verify Local Authorization
  • External Authorization Scenario
  • Configure Authorization Using LDAP/AD
  • Verify External Authorization
  • Troubleshooting Cisco AnyConnect VPN
  • AnyConnect Support for IKEv2
  • Internet Key Exchange v1 and v2
  • Making IPsec the Primary Protocol for a Host Entry
  • IKEv2 Configuration Procedure
  • Configure a Cisco AnyConnect IPsec VPN on a Cisco ASA
  • Verify and Troubleshoot Cisco AnyConnect IPsec VPN on Cisco ASA
8. Cisco ASA High Availability and Virtualization
  • Configuring and Verifying EtherChannel
  • Configuring and Verifying Redundant Interfaces
  • Troubleshooting EtherChannel and Redundant Interfaces
  • Configuring and Verifying Redundant Interfaces
  • Troubleshooting EtherChannel and Redundant Interfaces
  • Multiple-Context Mode
  • Configuring Security Contexts
  • Verifying and Managing Security Contexts
  • Configuring and Verifying Resource Management
  • Troubleshooting Security Contexts
Self Study (optional)
  • Active/Active Failover
  • Configuring and Verifying Active/Active Failover
  • Tuning and Managing Active/Active Failover
  • Troubleshooting Active/Active Failover
Labs
Lab 1: Remote Lab Environment
Lab 2: ASA Administration and Network Integration
Lab 3: Network Address Translation
Lab 4: Access Control and Troubleshooting
Lab 5: MPF Basic Application Inspections
Lab 6: MPF Advanced Application Inspections
Lab 7: Basic Clientless SSL VPN
Lab 8: Clientless SSL VPN Applications
Lab 9: External AAA for Clientless SSL VPN
Lab 10: Lab: Basic AnyConnect SSL VPN
Lab 11: Advanced AnyConnect SSL VPN
Lab 12: IPSec Remote Access VPN
Lab 13: Active-Standby High Availability

Cancellation Policy

We require 16 calendar days notice to reschedule or cancel any registration. Failure to provide the required notification will result in 100% charge of the course. If a student does not attend a scheduled course without prior notification it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted. Reschedules are permitted at anytime with 16 or more calendar days notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.

Training Location

Online Classroom
your office

your city, your province
your country   

About Global Knowledge

x

Global Knowledge is the world's leading learning services and professional development solutions provider. We deliver learning solutions to support customers as they adapt to key business transformations and technological advancements that drive the way that organizations around the world differentiate themselves and thrive. Our learning programs, whether designed for a global organization or an individual professional, help businesses close skills gaps and foster an environment of continuous talent development.

Training Provider Rating

This vendor has an overall average rating of 4.39 out of 5 based on 424 reviews.

No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
Wasn’t as advanced as I thought it would be. There was an issue when the day my course was the first time they used a new platfo ... Read more
x

Wasn’t as advanced as I thought it would be. There was an issue when the day my course was the first time they used a new platform.. from adobe to something called zoom; I had to call support line cause it stated our instructor wasn’t present. Thankfully I called cause everyone online was in the adobe virtual classroom waiting for what looked like a teacher who didn’t show up for class (IT didn’t get anything resolved until 10mins after start time). I felt like he was really getting hung up on very basic knowledge for the first half of the course (talking about how to create tabs and drag formulas as an example). I completed files a few times before he was done explaining. There was a scheduled fire drill for them (roughly 30mins)that also cut into our time, which wasn’t deducted from the hour lunch break or the two, fifteen min breaks. I also really wish he touched base more on the automating workbook functions portion which we barely did. I'm happy there were/are those study guides (learning videos) and exams to take on my own time that I hope after I've had the class are still available for me to learn from.

No comment
No comment
No comment
No comment
It was difficult to practice on my PC while trying to watch the presentation online.
No comment
David was excellent!! I am very for having this course!!

Course Reviews

No Reviews Yet