Cisco ® Secure PIX Firewall Advance CSPFA Training
 Description
The most recognized name in network firewalls is the Cisco ® PIX firewall. The CSPFA course will teach you how to leverage the most integral part of the PIX,
the Adaptive Security Algorithm (ASA). Not only will students learn how the PIX operates, and how to configure the PIX from the ground up, they will also learn techniques such as using Object Groups to streamline
access-lists, IPSec VPNs to encrypt and secure data after it leaves the PIX and many other techniques critical for enhancing the security of the network.
CSPFA Objectives
After completing this course the student should be able to:
- Describe the features, functions, and benefits of the Cisco ® PIX Firewall
- Identify PIX Firewall features, models, components, and benefits
- Describe PIX Firewall installation procedures
- Perform basic configuration
- Explain the routing functionality of the PIX Firewall
- Configure routing on the PIX Firewall
- Configure the PIX Firewall to send messages to a Syslog server
- Configure the PIX Firewall as a DHCP client
- Configure special protocol handling on the PIX Firewall
- Describe how the PIX Firewall supports call handling sessions and VoIP call signaling
- Configure AAA on the PIX Firewall
- Configure shunning on the PIX Firewall
- Configure a site-to-site VPN using the PIX Firewall
- Configure a VPN Client-to-PIX Firewall VPN
- Configure the PIX Firewalls PPPoE client
Training Time:
30 hours
Method of Training:
The Cisco ® Training is available in Four formats
- Live Now
Our unique virtual classroom offering is the first learning experience to successfully match the
benefits of instructor-led training to your desktop or laptop. You interact with the Cisco ® instructors (CCIE or Double CCIE Credentials) who have written the Cisco ® Courseware.
Hands-on labs and real-world simulations , access to the Official Cisco ® written Courseware online, Chat with classmates and instructors in real-time without disrupting the class session and
exam preps deliver an unparalleled overall learning experience. Most Classes are Two days a week for three weeks. Each class is recorded so you can review a class at any time. You also
receive three additional weeks to the online campus to review any recorded class, labs, exams and courseware. More Details
- Expert Now CD-ROM
Combining the best of our Live Now instructor-led courses with a self-paced CD-ROM pedagogy,
Expert Now courseware provides a wholly different – and uniquely effective – learning experience .You have access to view all the Pre-Recorded Live Now Classes, Labs, Exams, Cisco ® 's official courseware and key point articles from the Instructors(CCIE
and Double CCIE Credentials). Highest Certification Passing Rates in the Industry. Live Now Courses, according to CPM magazine has a first time passing rate of 94%. More Details
- Learn Now Online Course
Our self-paced Online course. Includes pre and post test assessment,
complete training material in a full multimedia format, labs and practice exam quizzers. 24 x 7 Online Mentoring. Course designed by the same instructor of our Live Now and Expert Now classes. More Details
- Live Classes Call 800-617-5586 for Locations and Schedules
Which Training is best for me?
Cisco ® Training for CSPFA Course CD-ROM or Online
|
Learn Now CSPFA Online Training Course
|
kncspfaln
|
$499.00
|
|
|
Expert Now CSPFA CD-ROM Training
|
kncspfaen
|
$795.00
|
|
|
Live Now CSPFA Training Online Live Class
|
kncspfain
|
$995.00
|
|
Live Now Dates
Aug 9,11,16,18,23,25 12-3:00pm PST
Nov 1,3,8,10,15,17 12-3:00pm PST
Feb 2006 TBD
 Audience
This course is for anyone who is responsible for
designing, maintaining or implementing PIX firewalls. This class would also be appropriate for network technicians who need to know how the PIX operates so they can implement the
infrastructure around the PIX correctly.
Prerequisites
Students should have completed the ICND course, obtained a CCNA certification, or have equivalent experience.
Included Materials Interactive Self-Paced courses provide:
- Unlimited 24 x 7 access to Campus for the entire program (all courses are launched from a personalized web site that organizes and manages your training experience). Live Now and Learn Now
- Hands-on Labs - a perfectly simulated, real-world environment to test skills without risk. Based on availability.
- Engaging course demos and real-world examples
- Access to a variety of training resources and certification information.
Included Labs
- PIX Interfaces, SYSLOG Outputs, and DHCP
- Configure Access Through the PIX
- Configure ACLs and URL Filtering
- Configure Service Object Group
- Inbound ACL with Object Groups
- Advanced Protocol Handling on PIX
- Configuring IDS on PIX
- Configure and Test AAA
- Configure Stateful Failover
- VPN Gateway: IPSec Between Two PIXs
- VPN Gateway: IPSec Between PIX and VPN Client
- Configure and Test SSH Sessions
- Configure PIX using PDM
- Creating Groups and Importing PIX into MC
- Configure Service Definitions, Groups and Building Blocks
- Enterprise PIX Firewall Maintenance
Our Instructors
Live Now Instructors Profiles
Outline Cisco ® Secure PIX Firewall Advanced CSPFA Training Course
Module 1: Introduction & Module 2: Security Fundamentals
- The Closed Network
- What Is a Security Policy?
- Variety of Attacks
- Reconnaissance Attacks
- Access Attacks
- Denial of Service Attacks
- Worm, Virus, and Trojan Horse Attacks
- Configuration Management
- Summary
Module 3: Cisco ® PIX Firewall Technology and Features
- What Is a Firewall?
- PIX Firewall - What Is it?
- Summary
Module 4: Cisco ® PIX Firewall Family
- PIX Firewall Family
- License Types
- FWSM
- Summary
Module 5: Getting Started with the Cisco ® PIX Firewall
- Access Modes
- Default Setup Dialog
- Functions of the ASA
- PIX Firewall Basic Commands
- show memory Command
- clock Command
- Configure Syslog Output to a Syslog Server
- Summary
- PIX Interfaces, SYSLOG Outputs, and DHCP
Module 6: Translations and Connections
- Sessions in an IP World
- Addressing Scenarios
- Port Address Translation
- static Command
- Identity NAT - nat 0 Command
- Policy NAT
- Connections vs. Translations
- Additional Interface Support
- Summary
- Configure Access Through the PIX
Module 7: Access Control Lists and Content Filtering
- Security Levels Revisited
- Deny Web Access to the Internet
- Java Applet Filtering
- HTTP URL Filtering
- Summary
- Configure ACLs and URL Filtering
Module 8: Object Grouping
- Using Object Groups in ACLs
- Configuring and Using Object Groups
- Nested Object Groups
- Summary
- Configure Service Object Group
- Inbound ACL with Object Groups
Module 9: Advanced Protocol Handling
- Need for Advanced Protocol Handling
- Why Multimedia Is an Issue
- Summary
- Advanced Protocol Handling on PIX
Module 10: Attack Guards, Intrusion Detection, and Shunning
- Mail Guard
- Intrusion Detection
- shun Command
- Summary
- Configuring IDS on PIX
Module 11: Authentication, Authorization, and Accounting
- Authentication, Authorization, and Accounting
- Installation Wizard
- Interactive User Authentication - Configuration Steps
- PIX Firewall User Authorization
- PIX Firewall Downloadable ACL Authorization
- Enable Accounting
- show Commands
- Summary
- Configure and Test AAA
Module 12: Failover
- Failover
- Overview of Configuring Failover with a Failover Serial Cable
- LAN-Based Failover Overview
- Summary
- Configure Stateful Failover
Module 13: Switching and Routing
- Virtual LANs
- Static Routes
- OSPF
- Multicasting
- Summary
Module 14: Virtual Private Network Configuration
- PIX Firewall VPN Topologies
- Five Steps of IPSec
- Tasks to Configure IPSec Encryption
- Task 1 - Prepare for IKE and IPSec
- Task 2 - Configure IKE
- Task 3 - Configure IPSec
- Task 4 - Test and Verify VPN Configuration
- Topology Overview
- CA Server Fulfilling Requests from IPSec Peers
- Summary
- VPN Gateway: IPSec Between Two PIXs
- VPN Gateway: IPSec Between PIX and VPN Client
Module 15: Configuring PIX Firewall Remote Access Using Cisco ® Easy VPN
- The Cisco ® Easy VPN
- Cisco ® Easy VPN Server Features
- Implementing Easy VPN Remote
- Cisco ® VPN Client Release 3.6
- The Easy VPN Remote Connection Process
- Easy VPN Server General Configuration Tasks
- Cisco ® VPN Client 3.6 Manual Configuration Tasks
- Cisco ® VPN Client Program Menu
- Summary
Module 16: Easy VPN Remote - Small Office/Home Office
- Implementing PIX Firewall Easy VPN Remote
- Easy VPN Remote Client Configuration
- The PIX Firewall as a PPPoE Client
- DHCP
- Summary
Module 17: System Maintenance
- Configuring Telnet Access to the PIX Firewall Console
- Command Authorization Overview
- SNMP Overview
- PIX Device Manager
- Entering a New Activation Key
- Password Recovery
- Summary
- Configure and Test SSH Sessions
Module 18: Cisco ® PIX Device Manager
- What Is PDM?
- PDM's PIX Firewall Requirements
- Configure the PIX Firewall to Use PDM
- Startup Wizard
- Setting System Options
- Configuring the PIX Firewall for VPN Clients
- Summary
- Configure PIX using PDM
Module 19: Introduction to Enterprise PIX Firewall Management
- Cisco ® Works Management Center for Firewalls 1.2
- MC Server Requirements
- PIX Firewall Setup Dialog
- Firewall MC Interface
- Managing Groups and Devices
- Configuration Tab
- Building Blocks
- Static Translation Rules - Added
- Workflow Setup
- Reports
- Summary
- Creating Groups and Importing PIX into MC
- Configure Service Definitions, Groups and Building Blocks
Module 20: Enterprise PIX Firewall Maintenance
- What Is the AUS?
- Firewall MC and AUS Communication
- Cisco ® Works Login
- AUS - Devices
- Reports - System Information
- Summary
- Enterprise PIX Firewall Maintenance
Module 21: Firewall Services Module
- FWSM Key Features
- Firewall with the FWSM
- Getting Started with the FWSM
- PDM and the FWSM
- Status LED
- Summary
Skills
This course provides instruction in the use of the following hardware/operating system technologies:
Hardware:
PIX Firewall Family
Software/Operating Systems:
Cisco ® Easy VPN
PIX Device Manager
Cisco ® Works Management Center for Firewalls
AUS
Firewall Services Module
|
