Cisco ASA Training Essentials v2 Class
 This 5-day Cisco ASA training class for ASAE will help
you get up to speed quickly with Cisco's Adaptive Security Appliance (ASA).
Our class will show you what is the most important content from Cisco's Authorized FIREWALL and VPN courses to hone in on the most crucial aspects of the
ASA, including Firewall basics, Network Address Translation (NAT), and Access Control Lists.
In this five day Certification class, you will learn the essential skills required to configure, maintain, and operate Cisco ASA 5500 Series Adaptive
Security Appliances.
Cisco ASA Training Class Covers
- Object groups
- Stateful inspection
- Modular policy framework
- PKI Integration
- Site-to-site and remote access VPN (both IPsec and SSL)
- Active/Standby Failover
- Server-based authentication, authorization, and accounting (AAA) using ACS 5.2
You'll complete your training with high availability failover coverage, including an exclusive demonstration of what happens to your firewall connections and VPN sessions during a device failure.
Training Course Outline
1. Cisco ASA Essentials
Cisco ASA Technologies and Families
2. Basic Connectivity and Device Management
Preparing the Cisco ASA for Network Integration
Managing Basic Cisco ASA Network Settings
ASA Device Management Configuration
3. Network Integration
ASA NAT Configuration
Configuring Cisco ASA Basic Access Control
4. Cisco ASA Policy Control
Cisco ASA Modular Policy Framework
ASA Connection Policy Configuration
5. Cisco ASA VPN Architecture and Common Components
Managing Profiles, Group Policies, and User Policies
Managing PKI Services
6. ASA Clientless Remote Access SSL VPN Solutions
Basic Clientless VPN Solutions
Advanced Application Access for Clientless SSL VPNs
7. Cisco AnyConnect Remote Access SSL Solutions
Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution
8. ASA Remote Access IPsec VPNs
Remote Access VPN Clients
Deploying Basic Cisco Remote Access IPsec VPN Solutions
9. ASA Site-to-Site IPsec VPN Solutions
Deploying Basic Site-to-Site IPsec VPNs
Deploying Advanced Site-to-Site IPsec VPNs
10. Cisco ASA High Availability and Virtualization
Configuring Cisco ASA Active/Standby High Availability
Training Labs
The labs are enhanced versions of what you'll find in Cisco's FIREWALL and VPN courses. Streamlined and built to work with our unique lab topology, these labs give you hands-on
practice that is vital to mastering the course concepts. Each lab builds upon the configurations and policies you set in previous labs better representing your real-world, on-the-job environment
Lab 1: Prepare the ASA for Administration
ASA for remote administration by both SSH and HTTPS/ASDM
Use the setup dialog to configure the inside interface
Enable ASDM access via HTTP
Access the ASA via its physical console port and reset the configuration to factory defaults
Enable SSH from the CLI
Test SSH access from the Admin-PC
Prepare a persistent self-signed digital certificate for use for ASDM
Install and configure ASDM on the Admin-PC and test initial access with ASDM
Lab 2: Fundamental ASA Configuration
ASA settings including static routes
Inside, Outside, and DMZ interfaces
Authenticated NTP support, syslog, and SNMP support
Use different features to test the behavior of the ASA
Configure DHCP Server
Lab 3: Network Address Translation (NAT)
Object NAT for dynamic PAT
Object NAT for dynamic NAT
Configure object NAT for static NAT
Configure twice NAT
Test and verify the results of the configuration on the communicating host systems and the ASA
Monitor address translation
ASA's translation and connection tables
Lab 4: Basic Access Control
Object groups
Global policy Configuration
Access policy to allow access to public services running on the DMZ-Srv
Configure access policy to allow unrestricted access from the Inside network
Lab 5: Basic Protocol Inspection
The ASA's simple application layer inspection using FTP and HTTP
Manage modular policy framework to inspect Layer 3 and Layer 4 packet headers
Control traffic based on information received
Work with TTL Decrementation and TCP Maps
ASA to work with custom dynamic applications Configuration
Lab 6: Licensing, ACS, and Public CA
Work with licensing scenario design challenges
ASA and ACS 5.2 integration for AAA
ACS 5.2 integration with Active Directory
ACS 5.2 sequence and test authentication
Manually Obtain SSL certificates from a public CA
Lab 7: Basic Clientless SSL VPN
Manage DNS lookups to facilitate the portal
Manage clientless SSL VPN
Connection profile lock using ACS 5.2
Bookmark lists for group policies
Work with WebType ACLs
Navigating without using the URL entry field
Lab 8: Clientless SSL VPN - Thin Apps
Managing port forwarding
Managing smart tunnels
Managing SSL VPN plug-ins
Lab 9: Basic AnyConnect Full Tunnel SSL VPN
Address assignment policy and pools
Enable AnyConnect and upload client to the ASA
SSL protocols Configuration
Modify Connection profiles and group policies
AnyConnect client using WebLaunch Installation
NAT for remote access VPN
Access via Split Tunneling
Zccess via Hairpin
Manage local as well as centralized group policy
Lab 10: Remote Access IPSec VPN
Manage IKEv2 IPSec remote access VPN
Reset the AnyConnect Client on the Win7-PC
Download and test the IPSec AnyConnect profile
manage IKEv2 with certificate-based authentication
Enable and test IKEv1 IPSec remote access VPN
Lab 11: IPSec Site-to-Site VPN
A site-to-site tunnel from HQ to Site1 Configuration
Use the ASDM to configure the building blocks of the tunnel configuration
Change the NAT configuration on the ASA to conform with tunnel requirements
Monitor tunnel status from the CLI, ASDM, and syslog
Analyze tunnel establishment by following debug messages
Update the VPN configuration for PKI support
Lab 12: Active/Standby Failover
Two ASAs for Active/Standby failover
The primary ASA for failover using ASDM and configure the secondary ASA via the CLI
Verify failover status and perform a failover scenario
Return the systems back to their base failover state
Dates and Locations for Cisco ASA Training Essentials v 2.0 Class
Jun 3 - 7, 2013 Washington, DC
Jun 3 - 7, 2013 8:30 AM - 4:30 PM ET (Virtual Classroom)
Jun 10 - 14, 2013 8:30 AM - 4:30 PM ET (Virtual Classroom)
Jun 17 - 21, 2013 San Jose, CA
Jun 17 - 21, 2013 11:30 AM - 7:30 PM ET (Virtual Classroom)
Jun 24 - 28, 2013 New York, NY
Jun 24 - 28, 2013 8:30 AM - 4:30 PM ET (Virtual Classroom)
Jul 15 - 19, 2013 Atlanta, GA
Jul 15 - 19, 2013 8:30 AM - 4:30 PM ET (Virtual Classroom)
Jul 22 - 26, 2013 Dallas, TX
Jul 22 - 26, 2013 11:30 AM - 7:30 PM ET (Virtual Classroom)
Jul 29 - Aug 2, 2013 Columbia, MD
Aug 12 - 16, 2013 Chicago (Schaumburg), IL
Aug 12 - 16. 2013 9:30 AM - 5:30 PM ET (Virtual Classroom)
Aug 19 - 23, 2013 Morristown, NJ
Aug 19 - 23, 2013 8:30 AM - 4:30 PM ET (Virtual Classroom)
Aug 26- 30, 2013 8:30 AM - 4:30 PM ET (Virtual Classroom)
Sep 9 - 13, 2013 Washington, DC
Sep 9 - 13, 2013 8:30 AM - 4:30 PM ET (Virtual Classroom)
Sep 16 - 20, 2013 San Jose, CA
Sep 16 - 20, 2013 11:30 AM - 7:30 PM ET (Virtual Classroom)
Sep 23 - 27, 2013 Houston, TX
Sep 23 - 27, 2013 8:30 AM - 4:30 PM ET (Virtual Classroom)
Refund Policy-
For full refund, class or boot camp must be canceled in writing via email or fax at least 14 days prior to start of class.
|
