CCNP Security Firewall version 1.0 Deploying Cisco ASA Firewall Features Volume 1

Deploying Cisco ASA Firewall Features Volume 1 Course Introduction Learner Skills and Knowledge Course Goal and Course Flow Additional Cisco Glossary of Terms Your Training Curriculum Introduction to the Cisco ASA Adaptive Security Appliance Module Introducing Cisco ASA Adaptive Security Appliance Technology and Features Firewalls and Security Domains Physical and Logical Separation Firewall Technologies of Cisco ASA Adaptive Security Appliance Features Stateful Packet Filtering Engine Application Inspection and Control User Based Access Control (Cut Through Proxy) Session Auditing Security Modules Reputation Based Botnet Traffic Filtering Category Based URL Filtering Cryptographic Cisco Unified Communications Proxy Denial of Service Prevention Traffic Correlation Remote Access VPNs Site to Site VPNs High Availability Failover Redundant Interfaces Traffic and Policy Virtualization Rich IP Routing Functionality Powerful Network Address Translation Transparent (Bridged) Operation Integrated DHCP, DDNS, and PPPoE IPv6 Support Multicast Support Management Control and Protocols Simple Software Management

Configuration Flexibility and Scalability Cisco Security Management Suite and MARS Support Common Cisco ASA Adaptive Security Appliance Use Cases Introducing the Cisco ASA Adaptive Security Appliance Family Cisco ASA Adaptive Security Appliance Platforms and Models Cisco ASA Adaptive Security Appliance Security Services Modules Cisco ASA Adaptive Security Appliance Licensing Model Basic Cisco ASA Adaptive Security Appliance Hardware Troubleshooting Module Implementation of Basic Connectivity and Device Management Model Getting Started with the Cisco ASA Adaptive Security Appliance and Cisco ASDM Managing the Cisco ASA Adaptive Security Appliance Boot Process Managing the Cisco ASA Adaptive Security Appliance Using the CLI Managing the Cisco ASA Adaptive Security Appliance Using Cisco ASDM Windows Requirements Apple Macintosh OS X Requirements Linux Requirements Navigating Basic Cisco ASDM Features Configuring Interfaces and Static Routing of Basic Configuration Choices, Basic Procedures, and Required Input Parameters Managing Cisco ASA Adaptive Security Appliance Security Levels Configuring and Verifying Interface Network Parameters Cisco ASA 5510 and Higher Cisco ASA 5505 Configuring and Verifying VLAN interfaces Cisco ASA 5510 and Higher Cisco ASA 5505 Configuring and Verifying Static Routing Configuring and Verifying the Cisco ASA Adaptive Security Appliance DHCP Server Troubleshooting Basic Connectivity

Configuring Basic Device Management Features of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying Basic Device Management Settings Managing Time Settings Managing Event and Session Logging Message Severity Configuration of a Syslog Facility Tag and Syslog Timestamping Managing the Cisco ASA Adaptive Security Appliance Software and Feature Activation Upgrading the Image and the Activation Key at the Same Time Using Other Troubleshooting and Management Tools Configuring Management Access of Configuration Choices, Basic Procedures, and Required Input Parameters Managing Remote Management Channels Dedicated Management Interface Recommendations Managing Authentication for Management Access Using Simple Password Only Authentication Alternative: Configuring Privilege Levels of Individual Commands Verifying and Troubleshooting AAA for Management Access Module

Deploying Cisco ASA Firewall Features Volume 2 Deployment of Cisco ASA Adaptive Security Appliance Access Control Features Module Configuring Basic Access Control of Configurations Choices, Basic Procedures, and Required Input Parameters Connection Table and Local Host Table show conn Inside and Outside, Inbound and Outbound clear conn show local host clear local host Configuring and Verifying Interface Access Rules Stateless Rules Access Rule Logging Access Control Lists Time Based ACLs access list extended access list remark access group time range periodic absolute show access list clear configure access list Configuring and Verifying Object Groups name object group network object Configuring and Verifying Other Basic Access Controls ip verify reverse path shun show shun clear shun Troubleshooting Basic Access Control packet tracer Using Cisco ASA Adaptive Security Appliance Modular Policy Framework of Configuration Choices, Basic Procedures, and Required Input Parameters

Configuring and Verifying Policies for OSI Layers 3 and 4 class map match dscp policy map class priority service policy (global) Configuring and Verifying Policies for OSI Layers 5 to 7 Cisco ASA Adaptive Security Appliance Regular Expression Supported Metacharacters regex class map type regex class map type inspect class (policy map) policy map type inspect reset Configuring and Verifying a Policy for Management Traffic class map type management match port set connection Tuning Basic Stateful Inspection Features of Configuration Choices, Basic Procedures, and Required Input Parameters Tuning Basic Inspection of OSI Layers 3 and 4 Dead Connection Detection inspect icmp set connection timeout set connection decrement ttl fragment Tuning the Cisco ASA Adaptive Security Appliance TCP Normalizer tcp map tcp options set connection advanced options set connection advanced options tcp state bypass Configuring Support for Dynamic Protocols established Troubleshooting Inspection of OSI Layers 3 and 4 on the Cisco ASA Adaptive Security Appliance Configuring Application Layer Policies of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying HTTP Inspection

policy map type inspect parameters protocol violation drop connection inspect http show service policy url server N2H2 Websense filter url Evaluating FTP Inspection Evaluating DNS Inspection Evaluating ESMTP Inspection Evaluating Inspection of Other Protocols Troubleshooting Application Layer Inspection Configuring Advanced Access Controls of Configuration Choices, Basic Procedures, and Required Input Parameters Bots and Botnets Configuring and Verifying Cisco TCP Intercept set connection Configuring and Verifying the Cisco Botnet Traffic Filter dynamic filter updater client enable dynamic filter use database inspect dns dynamic filter enable dynamic filter drop blacklist dynamic filter whitelist dynamic filter blacklist name (dynamic filter blacklist or whitelist) Configuring and Verifying Basic Threat Detection threat detection basic threat threat detection rate show threat detection rate Configuring and Verifying Advanced Threat Detection threat detection statistics show threat detection statistics host show threat detection statistics port show threat detection statistics protocol show threat detection statistics top Configuring and Verifying Scanning Threat Detection threat detection scanning threat show threat detection scanning threat

show threat detection shun clear threat detection shun Configuring Resource Limits and Guarantees of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying Connection Limits set connection Configuring and Verifying Traffic Policing and Shaping match port police shape Configuring and Verifying Traffic Priority Queuing priority queue queue limit (priority queue) tx ring limit match dscp priority Configuring User Based Policies (Cut Through Proxy) of Configuration Choices, Basic Procedures, and Required Input Parameters Usage Examples Configuring and Verifying User Authentication aaa server aaa server host object group port object aaa authentication match show uauth clear uauth show aaa server CLI Configuration aaa authentication listener CLI Configuration virtual http CLI Configuration virtual telnet Configuring Authentication Prompts and Timeouts auth prompt Configuring and Verifying User Authorization

Command Line Configuration Configuring and Verifying User Session Accounting aaa accounting match Troubleshooting Operation of User Based Controls test aaa server Module

Deploying Cisco ASA Firewall Features Volume 3 Deployment of Cisco ASA Adaptive Security Appliance Network Integration Features Module Deploying Network Address Translation of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring NAT Control Configuring and Verifying Dynamic Inside NAT and PAT Configuring and Verifying Static Inside NAT and PAT Configuring NAT Rules to Bypass Address Translations Configuring Outside NAT Integrating NAT with Cisco ASA Adaptive Security Appliance Access Control Troubleshooting NAT Configuring Cisco ASA Adaptive Security Appliance Transparent Firewall Operations of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying Transparent Firewall Mode Configuring OSI Layer 3 7 Access Control in Transparent Firewall Mode Configuring OSI Layer 2 Access Control in Transparent Firewall Mode Troubleshooting Transparent Firewall Operation Module Deployment of Cisco ASA Adaptive Security Appliance Virtualization and High Availability Features Module Deploying Cisco ASA Adaptive Security Appliance Virtualization Features of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying Security Contexts show context Managing Security Contexts changeto mac address auto admin context

Configuring and Verifying Resource Management limit resource show resource allocation show resource usage Troubleshooting Security Contexts Deploying Cisco ASA Adaptive Security Appliance Redundant Interfaces of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying Redundant Interfaces member interface redundant interface Troubleshooting Redundant Interfaces Deploying Active/Standby High Availability Failover of Configuration Choices, Basic Procedures, and Required Input Parameters Unit Health Monitoring (Unit Poll Time and Hold Time) Interface Health Monitoring (Interface Poll Time and Hold Time) Configuring and Verifying Active/Standby Failover failover lan unit failover lan interface failover interface ip failover link failover key failover replication http failover prompt show failover failover active failover reset Tuning and Managing Active/Standby Failover failover polltime failover polltime interface failover mac address Using Remote Command Execution failover exec show failover exec Troubleshooting Active/Standby Failover Show monitor interface

Deploying Active/Active High Availability Failover of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying Active/Active Failover failover lan unit failover interface ip failover link failover key failover failover group preempt replication http primary secondary join failover group ip address prompt show failover failover active Tuning and Managing Active/Active Failover asr group failover polltime polltime interface interface policy Troubleshooting Active/Active Failover Module Integration of Cisco ASA Adaptive Security Appliance Security Service Modules Module Introducing Cisco ASA Adaptive Security Appliance Security Service Modules Cisco Security Service Modules Cisco Content Security and Control SSM Cisco ASA Advanced Inspection and Protection SSM and SSC Integrating the Cisco ASA Adaptive Security Appliance AIP SSM and AIP SSC Modules Cisco AIP SSM and Cisco AIP SSC Installation

Managing Cisco ASA AIP SSM and Cisco ASA AIP SSC Basic Features allow ssc mgmt hw module module recover hw module module password reset hw module module reload hw module module reset hw module module shutdown show module Initializing Cisco ASA AIP SSM and Cisco ASA AIP SSC Configuring Cisco ASA Adaptive Security Appliance Traffic Redirection Policy ips Integrating the Cisco ASA Adaptive Security Appliance CSC SSM Module Cisco CSC SSM installation Managing Cisco CSC SSM Basic Features debug module boot hw module module recover hw module module password reset hw module module reload hw module module reload Parameters hw module module reset hw module module shutdown Initializing Cisco CSC SSM Configuring Cisco ASA Adaptive Security Appliance Traffic Redirection Policy csc Module

Deploying Cisco ASA Firewall Features Volume 4 Configuring Routing on the Cisco ASA Adaptive Security Appliance of Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying Static Route Tracking sla monitor type echo threshold frequency timeout (sla monitor) sla monitor schedule track rtr route show sla monitor configuration show sla monitor operational state Configuring and Verifying RIPv2 router rip version auto summary default information originate (RIP) network passive interface distribute list in distribute list out rip authentication mode rip authentication key show rip database Configuring and Verifying OSPF router ospf network area area range area filter list prefix log adj changes default information originate (OSPF) ospf authentication ospf message digest key prefix list show ospf show ospf interface show ospf neighbor show ospf database Configuring and Verifying EIGRP router eigrp

auto summary network distribute list in distribute list out summary address (EIGRP) authentication mode eigrp authentication key eigrp show eigrp neighbors show eigrp topology Configuring Redistribution redistribute (OSPF) redistribute (EIGRP) route map Troubleshooting Routing Protocols Configuring Traffic Redirection Using WCCP wccp wccp redirect show wccp Lab (Optional): Configuring Dynamic Routing Activity Objective Visual Objective Required Resources Command List Job Aids Task 1: Configure the OSPF Routing Protocol Task 2: Configure the EIGRP Routing Protocol Answer Key Lab 4 2 Answer Key: Configuring Dynamic Routing

Deploying Cisco ASA Firewall Features Lab Guide

This guide presents the instructions and other information concerning the lab activities for this Course. You can find the solutions in the Lab Activity Answer Key.

Outline

This guide includes these activities:

Lab 2-1: Configuring Basic Connectivity
Lab 2-2: Configuring Management Features
Lab 3-1: Configuring Basic Access Control
Lab 3-2: Tuning Basic Cisco ASA Adaptive Security Appliance Stateful Inspection Features
Lab 3-3: Configuring Application Layer Policies
Lab 3-4: Configuring Advanced Access Controls
Lab 3-5: Configuring User Based Policies (Cut Through Proxy)
Lab 4-1: Configuring Cisco ASA Adaptive Security Appliance NAT
Lab 4-2: Configuring Transparent Firewall Mode
Lab 5-1: Deploying a Cisco ASA Adaptive Security Appliance Active/Standby Failover
Lab 5-2: Deploying a Cisco ASA Adaptive Security Appliance Active/Active Failover
Answer Key