> > > ASA

Cisco ASA 9.1 Update Workshop (ASA)

Course Description Schedule Course Outline
 

Course Overview

Cisco is making your network more secure, bringing advanced features into the 9.1 release of its award-winning Adaptive Security Appliance (ASA) family of products, including:

  • Support for IPsec LAN-to-LAN tunnels to encrypt failover and state link communications
  • Support for private VLANs on the ASA Services Module
  • ASA 5585-X support for network modules
  • Support for NetFlow flow-update events and an expanded set of NetFlow templates
  • Improved Host Scan and ASA Interoperability
  • Clientless SSL VPN: Windows 8 Support

This hands-on 2-day workshop immerses you into the new features, configuration, operations and updating to Cisco ASA version 9.1 (ASDM 7.1). You will get a hands-on experience updating the ASA, and working with the new features.

Who should attend

Network technicians who are responsible for the implementation and maintenance of a Cisco ASA solution based on the 9.1 software release, including:

  • Firewall administrators
  • Security engineers
  • Cisco Security Professionals
  • Cisco Integrators/Partners
  • Systems engineers
  • Consulting systems engineers
  • Technical solutions architects

Class Prerequisites

Students should have taken !CI-FIREWALL or have the equivalent knowledge of the configuration, deployment and management of the Cisco Adaptive Security Appliance.

What You Will Learn

This course is based on the Cisco ASA software release 9.1 (ASDM 7.1) and details the differences between the software versions 8.3, 8.4, 9.0 and 9.1. Students learn how to successfully deploy a software update from version 8.x to 8.4/91, learn about the new features of Cisco AnyConnect and SSL VPN and receive knowledge of IPv6 in combination with the Cisco ASA solution.

Outline: Cisco ASA 9.1 Update Workshop (ASA)

Module 1 - ASA Appliance Overview

  • The Cisco ASA 5500 Series: Performance differences
  • The Cisco ASA 5500 Series: hardware differentiation
  • The ASA 100v
  • ASA 5585-X Features
  • Identifying ASA Licensing Options
  • Additional New Features for ASA

Module 2 – Configuring ASA Network Address Translation

  • NAT Overview for version 8.3 and later
  • Configuring Object (Auto) NAT
  • Configuring Manual NAT
  • Tuning and Troubleshooting NAT on the ASA

Module 3 – Configuring ASA Basic Access Control Features

  • Connection Table and Local Host Table
  • Configuring and Verifying Interface ACLs
  • Configuring and Verifying Global ACLs
  • Configuring and Verifying Object Groups
  • Configuring and Verifying Public-facing Servers

Module 4 – Configuring Cisco ASA Identity Firewall

  • Configuring and Verifying Identity Firewall
  • Installing and configuring the Context Directory Agents
  • Deployment Scenarios
  • Identity Firewall Workflow
  • Installing and Configuring the AD Agent
  • Configuring the AD Domain
  • Configuring the Identity Options
  • Identity Firewall Access Rules

Module 5 – Configuring the Cisco ASA Transparent Firewall

  • Transparent Firewall Essentials
  • Transparent Firewall Configuration Tasks
  • Configuring and Verifying Transparent Firewall Mode
  • Configuring and Verifying Transparent Firewall Layer 3 through 7 Access Controls
  • Configuring and Verifying Transparent Firewall Layer 2 Access Controls
  • Troubleshooting Transparent Firewalls

Module 6 – Configuring Cisco ASA High Availability

  • Configuring and Verifying EtherChannel
  • Troubleshooting EtherChannel Interfaces
  • Active/Standby or Active/Active New Features
  • ASA Clustering

Module 7 – Evaluating the Cisco ASA VPN Subsystem Architecture VPN

  • Comparing Cisco ASA VPN Technologies
  • Evaluating Cisco ASA IPv6 VPN Capabilities
  • Evaluating Cisco AnyConnect 3.0 Components

Module 8 - Cisco ASA Site-to-Site IPsec VPN Solutions with IKEv2

  • Configuring Basic Peer Authentication with PSK
  • Configuring Transmission Protection

Module 9 – Cisco ASA Remote Access VPN with IKEv2

  • Using IKEv2 for Remote Access IPSec
  • Troubleshooting Basic Cisco Remote Access IPSec VPN Operations
HANDS-ON SKILLS-BUILDING LABS:

Configuring NAT

  • Task 1: Configure Object NAT for the Client Network and DMZ Server
  • Task 2: Configure Manual NAT for the DMZ Server and Client Network

Configuring Basic Cisco Access Control Features

  • Task 1: Configure Network and Service Object Groups
  • Task 3: Configure Access Lists
  • Task 4: Configure Public Servers
  • Task 5: Configure Global Access Lists

Identity Firewall

  • Task 1: Join the Client to the AD
  • Task 2: Installing and Configuring the Active Directory Agent
  • Task 3: Configuring the Identity Options on the ASA

Configuring Transparent Firewall

  • Task 1: Change Network Parameters on the Client PC
  • Task 2: Enable Transparent Firewall Mode
  • Task 3: Configure Bridge Group, Interfaces, and Management Settings on the Security Appliance
  • Task 4: Verify Connectivity over the Transparent Firewall
  • Task 5: Enable Basic Access Controls on a Transparent Cisco ASA Security Appliance
  • Task 6: Disable Transparent Firewall Mode

Deploying a Basic Cisco ASA Security Appliance IPsec IKEv2 Site-to-Site VPN

  • Task 1: Configure the Cisco ASA 5510 Adaptive Security Appliance for Site-to-Site VPN Using PSKs and IKEv2
  • Task 2: Establish a Site-to-Site VPN Tunnel with PSKs
  • Task 3: Modify the Existing Connection to Use Digital Certificates for Authentication
  • Task 4: Establish a Site-to-Site VPN Tunnel with Digital Certificates

Deploying Basic Remote Access IPsec VPN with IKEv2

  • Task 1: Modify an Existing Profile to Support IPsec Remote Access
  • Task 2: Connect to the Cisco ASA Security Appliance Using IPsec
Classroom Training
Modality: C

Duration 2 days

Price
  • United States: US$ 1,695
  • Cisco Learning Credits: 17 CLC
Enroll now
 
Click City Name To Book Schedule
This is an Instructor-Led Classroom course
This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop.
This is a FLEX course, which is delivered simultaneously in two modalities. Choose to attend the Instructor-Led Online (ILO) virtual session or Instructor-Led Classroom (ILT) session.
United States

Currently there are no training dates scheduled for this course.  You can schedule a private, onsite training session or request a public date by emailing info@fastlaneus.com.

Europe
Germany
Jan 11-12, 2018 Düsseldorf Enroll
Feb 8-9, 2018 Stuttgart Enroll
Mar 8-9, 2018 Frankfurt Enroll
Mar 28-29, 2018 Hamburg Enroll
May 7-8, 2018 Münster Enroll
Jun 7-8, 2018 Munich Enroll
Jun 28-29, 2018 Berlin Enroll
Jul 26-27, 2018 Düsseldorf Enroll
Aug 23-24, 2018 Stuttgart Enroll
Sep 13-14, 2018 Frankfurt Enroll
Austria
Feb 8-9, 2018 Vienna (iTLS) Enroll
Sep 6-7, 2018 Vienna (iTLS) Enroll
Bulgaria
Apr 16-17, 2018 This is a FLEX event Sofia Course language: English Enroll
Online Training Time zone: Europe/Sofia Enroll
Slovakia
Jan 29-30, 2018 This is a FLEX event Bratislava Enroll
Online Training Time zone: Europe/Bratislava Enroll
Slovenia
Nov 26-27, 2018 This is a FLEX event Ljubljana Course language: English Enroll
Online Training Time zone: Europe/Ljubljana Enroll
Spain
Mar 26-27, 2018 Madrid Enroll
Oct 29-30, 2018 Madrid Enroll
Switzerland
Jun 7-8, 2018 Zurich Enroll
Oct 25-26, 2018 Zurich Enroll
Latin America
Argentina
Jan 25-26, 2018 Online Training Time zone: America/Buenos_Aires Enroll
Apr 19-20, 2018 Online Training Time zone: America/Buenos_Aires Enroll
Jul 26-27, 2018 Online Training Time zone: America/Buenos_Aires Enroll
Oct 18-19, 2018 Online Training Time zone: America/Buenos_Aires Enroll
Brazil
Mar 8-9, 2018 Online Training Time zone: America/Sao_Paulo Enroll
Jun 7-8, 2018 Online Training Time zone: America/Sao_Paulo Enroll
Sep 13-14, 2018 Online Training Time zone: America/Sao_Paulo Enroll
Dec 6-7, 2018 Online Training Time zone: America/Sao_Paulo Enroll
Costa Rica
Mar 8-9, 2018 Online Training Time zone: America/Costa_Rica Enroll
Jun 28-29, 2018 Online Training Time zone: America/Costa_Rica Enroll
Sep 6-7, 2018 Online Training Time zone: America/Costa_Rica Enroll
Nov 29-30, 2018 Online Training Time zone: America/Costa_Rica Enroll
Middle East
Qatar
May 13-14, 2018 Doha Course language: English Enroll
Saudi Arabia
Dec 9-10, 2018 Riyadh Course language: English Enroll
United Arab Emirates
May 6-7, 2018 Dubai Course language: English This course is being delivered by iTLS. Enroll
Nov 11-12, 2018 Dubai Course language: English This course is being delivered by iTLS. Enroll