> > > SAEXS

Cisco ASA Express Security (SAEXS)

Course Description Schedule Course Outline
 

Student Testimonials

"Bill is a really knowledgeable instructor and has been really helpful. He makes sure that everyone is on the same page and does his best to make sure that all students understand the material."
- Gurjot Bakshi, Algo Communication Products

Course Content

Cisco ASA Express Security (SAEXS) course provides an understanding of the Cisco ASA solution portfolio and successfully configure various aspects of the Cisco ASA components including Cisco ASA Firewall features and functions, Cisco ASA with FirePOWER Services and Cisco ASA Remote Access VPN including Clientless and AnyConnect.

There is a required Exam to attain ASA Express Security Specialization for partners and this class is the recommended course to prepare for the Exam.

Who should attend

  • Channel Partner / Reseller
  • Customer
  • Employee

Prerequisites

  • Knowledge of IP networking and IP header fields
  • Basic understanding of firewall uses and roles
  • Basic understanding of firewall functions such as NAT, Application Inspection, Packet Filtering
  • Basic understanding of common security threats and mitigation techniques such malware, DoS, Intrusion Prevention, URL filtering

Course Objectives

  • Describe the Cisco ASA technology
  • Describe how to configure network integration and mange network settings for the Cisco ASA
  • Choose, configure, and troubleshoot Cisco ASA security appliance features
  • Introduce and deploy Cisco Remote Access VPN
  • Describe NGFW capabilities provided by the Cisco ASA with FirePOWER Service Module and their configuration using FireSIGHT Management Center
    • Application Visibility and Control
    • Next-Generation IPS
    • URL Filtering
    • Advanced Malware Protection (AMP)
  • Describe the features of Cisco's ASA Cloud Web Security
  • Explore Cisco ASA Active/Standby High Availability

Detailed Course Outline

Module 1: Introducing Cisco ASA Solutions
  • Firewall Technologies
  • Cisco ASA Adaptive Security Appliance Features
  • Cisco ASA Adaptive Security Appliance Hardware
Module 2: Exploring Cisco ASA Connectivity Basics
  • Managing the Cisco ASA Adaptive Security Appliance Boot Process
  • Managing the Cisco ASA Adaptive Security Appliance Using Cisco ASDM
  • Navigating Basic Cisco ASDM Features
  • Managing the Cisco ASA Adaptive Security Appliance Basic Upgrade
  • Managing Cisco ASA Adaptive Security Appliance Security Levels
  • Managing Basic Cisco ASA Adaptive Security Appliance Network Settings
  • Configuring and Verifying Interface VLANs
  • Configuring a Default Route
  • Static Routing
  • Dynamic Routing
  • Cisco ASA Backup
  • Cisco ASA Restore
Module 3: Configuring ASA Basic Access Control Foundation
  • NAT on Cisco ASA Security Appliances
  • Configuring Object (Auto) NAT
  • Configuring Manual NAT
  • Configuring and Verifying Public Servers
  • Tuning and Troubleshooting NAT on the Cisco ASA Adaptive Security Appliance
  • Connection Table and Local Host Table
  • Configuring and Verifying Interface ACLs
  • Configuring and Verifying Global ACLs
  • Configuring and Verifying Object Groups
  • Configuring and Verifying Other Basic Access Controls
  • Configure object NAT for the inside network and DMZ server
Module 4: Deploying Cisco Remote Access VPN
  • Cisco ASA Clientless SSL VPN Solution
  • Configuration Choices and Configuration Procedure
  • Configuring Basic Cisco ASA Adaptive Security Appliance Gateway Features and Gateway Authentication
  • Configuring Basic User Authentication
  • Configuring Basic Access Control
  • Tuning Gateway Content Rewriting
  • Introduction to Cisco AnyConnect Client
  • Cisco AnyConnect Client Core Features
  • Cisco AnyConnect Network Access Manager
  • Cisco AnyConnect Secure Mobility Modules
  • Cisco AnyConnect Secure Reporting and Troubleshooting Modules
  • Cisco AnyConnect Secure Mobility Licensing
  • Basic Cisco AnyConnect SSL VPN
  • Additional Cisco AnyConnect Deployment Options
  • Configuring Cisco ASA Gateway Features
  • Configuring Local User Authentication and IP Address Assignment
  • Configuring Access Control and Split Tunneling
  • Deploying DTLS
  • Installing and Configuring Cisco AnyConnect 3.0
  • Managing Cisco AnyConnect Software
Module 5: Introducing the Cisco FirePOWER Services (SFR)
  • Cisco NGFW Security Services Overview
  • Cisco FirePOWER Services Module Overview
  • Cisco FireSIGHT Management Center Overview
  • Cisco FirePOWER Services Module Management Interfaces
  • Cisco FirePOWER Services Module Package Installation
  • Redirect Traffic to the Cisco FirePOWER Services Module
  • Cisco FirePOWER Servives Module Verification
  • FireSIGHT Management Center VM Installation and Setup
  • Add the FirePOWER Services Module into FireSIGHT
  • FirePOWER Services Module and FireSIGHT License Requirements
  • FireSIGHT Policy Types Overview
  • Network Discovery Overview
  • System Policy Overview
  • Health Policy Overview
  • Security Zones Overview
  • Active Directory Integration Overview
  • SourceFire User Agent Overview
  • Active Directory Integration Overview
  • SourceFire User Agent Overview
  • Access Control Policy Overview
  • Intrusion Policy Overview
  • FireSIGHT Recommended Rules Overview
  • File Policy Overview
  • Intrusion Event Impact Levels Overview
  • Indication of Compromise Overview
  • Task Status Monitoring
  • Connection Events Monitoring
  • Events Display Time Range
  • IPS and File Events Monitoring
  • Users Monitoring
  • Dashboards
  • System Updates
Module 6: Introducing Cisco ASA Cloud Web Security
  • Cisco ASA with Cisco Cloud Web Security
  • Cisco ScanCenter
  • Cisco ASA with Cloud Web Security Authentication Keys
  • Cisco ASA and Cloud Web Security Proxy-Server Configuration
  • ScanCenter Generation of an Authentication Key for Cisco ASA
  • Traffic Redirection from Cisco ASA to Cloud Web Security Proxy Servers
  • Cisco ASA and Cloud Web Security Proxy Server User-Identity Configuration
Module 7: Introducing Cisco ASA High Availability
  • Cisco ASA Adaptive Security Appliance Active/Standby Failover Overview
  • Active Unit Election
  • Switchover Event
  • Failover Management
  • Failover Deployment Options
  • Configuring and Verifying Active/Standby Failover
  • Tuning and Managing Active/Standby Failover
  • Remote Command Execution

Labs

  • Preparing Cisco ASA for Network Integration and Configuring Basic Settings
  • Configuring NAT and Basic Access Control
  • Configure Cisco AnyConnect Client SSL Solution
  • Cisco ASA FirePOWER Services (SFR) Module Installation and Setup
  • Cisco FireSIGHT Management Center Configuration
  • Cisco ASA and Cloud Web Security Integration
Classroom Training

Duration 2 days

Price
  • United States: US$ 1,995
  • Cisco Learning Credits: 20 CLC
Enroll now
Online Training

Duration 2 days

Price
  • United States: US$ 1,995
  • Cisco Learning Credits: 20 CLC
Enroll now