VPN_2: Deploying Cisco ASA VPN Solutions



Similar documents
Deploying Cisco ASA VPN Solutions

To participate in the hands-on labs in this class, you need to bring a laptop computer with the following:

For Sales Kathy Hall

Evaluating the Cisco ASA Adaptive Security Appliance VPN Subsystem Architecture

Implementing Core Cisco ASA Security (SASAC)

Implementing Cisco Secure AccessSolutions Exam

SSECMGT: CManaging Enterprise Security with Cisco Security Manager v4.x

Securing Networks with Cisco Routers and Switches 1.0 (SECURE)

Securing Networks with Cisco Routers and Switches ( )

Managing Enterprise Security with Cisco Security Manager

Cisco Certified Security Professional (CCSP)

Implementing Cisco IOS Network Security v2.0 (IINS)

Managing Enterprise Security with Cisco Security Manager

Implementing Cisco IOS Network Security

IINS Implementing Cisco Network Security 3.0 (IINS)

Implementing Cisco Secure Mobility

SNRS. Securing Networks with Cisco Routers and Switches. Length 5 days. Format Lecture/lab

Cisco ASA 5500-X Series ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X

CNS Implementing NetScaler 11.0 For App and Desktop Solutions

Cisco Certified Network Expert (CCNE)

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

Cisco Security Certifications

How To Set Up A Cisco Safesa Firewall And Security System

Scenario: Remote-Access VPN Configuration

Cisco ASA 5500 Series SSL / IPsec VPN Edition for the Enterprise

"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary

Cisco ASA 5500 Series VPN Edition for the Enterprise

Description: Objective: Upon completing this course, the learner will be able to meet these overall objectives:

TABLE OF CONTENTS NETWORK SECURITY 2...1

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release

Workspot Configuration Guide for the Cisco Adaptive Security Appliance

CCNA Security 2.0 Scope and Sequence

Implementing Cisco Intrusion Prevention System 7.0 (IPS)

CCNA Security. IINS v2.0 Implementing Cisco IOS Network Security ( )

Deploying Cisco ASA VPN Solutions Exam.

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Scenario: IPsec Remote-Access VPN Configuration

Interconnecting Cisco Networking Devices, Part 2 Course ICND2 v2.0; 5 Days, Instructor-led

Licenses are not interchangeable between the ISRs and NGX Series ISRs.

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title

Implementing and Configuring Cisco Identity Services Engine SISE v1.3; 5 Days; Instructor-led

Sophos Certified Architect Course overview

Using Entrust certificates with VPN

CISCO IOS NETWORK SECURITY (IINS)

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led

Cisco ASA 5500 Series VPN Edition

Configuring IPsec VPN with a FortiGate and a Cisco ASA

Windows Server. Introduction to Windows Server 2008 and Windows Server 2008 R2

Cisco Adaptive Security Appliances and Citrix NetScaler Gateway citrix.com

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

Configure ISE Version 1.4 Posture with Microsoft WSUS

Designing Cisco Network Service Architectures ARCH v2.1; 5 Days, Instructor-led

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief

CCNP Security SECURE

Cisco ASA. Administrators

INTERCONNECTING CISCO NETWORKING DEVICES PART 2 V2.0 (ICND 2)

Cisco EXAM Implementing Cisco Secure Mobility Solutions (SIMOS) Buy Full Product.

IPv6 Fundamentals, Design, and Deployment

ESET SECURE AUTHENTICATION. Cisco ASA SSL VPN Integration Guide

Get Success in Passing Your Certification Exam at first attempt!

Interconnecting Cisco Networking Devices, Part 2 **Part of CCNA Route/Switch**

Cisco Adaptive Security Appliance Smart Tunnels Solution Brief

Cisco Actualtests Exam Questions & Answers

PKI Uncovered. Cisco Press. Andre Karamanian Srinivas Tenneti Francois Dessart. 800 East 96th Street. Indianapolis, IN 46240

Cisco Application Control Engine Appliance

Designing a Windows Server 2008 Network Infrastructure

Integration Guide. SafeNet Authentication Service. Using RADIUS Protocol for Cisco ASA

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview

Cisco Easy VPN on Cisco IOS Software-Based Routers

Module 1: Overview of Network Infrastructure Design This module describes the key components of network infrastructure design.

Connecting an Android to a FortiGate with SSL VPN

Table of Contents. Introduction

CCNA Security 1.1 Instructional Resource

Cisco AnyConnect Secure Mobility Solution Guide

10972-Administering the Web Server (IIS) Role of Windows Server

VPN Modules for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

Cisco Certified Security Professional (CCSP) 50 Cragwood Rd, Suite 350 South Plainfield, NJ 07080

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Building Your Complete Remote Access Infrastructure on Windows Server 2012

Interconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs)

CCNA Security v1.0 Scope and Sequence

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

BUY ONLINE AT:

Configuring IPsec VPN between a FortiGate and Microsoft Azure

Remote-Access VPNs: Business Productivity, Deployment, and Security Considerations

Upgrading Your Skills to MCSA Windows Server 2012

Course Syllabus. 2553A: Administering Microsoft SharePoint Portal Server Key Data. Audience. At Course Completion.

AV-006: Installing, Administering and Configuring Windows Server 2012

Planning and Implementing Windows Server 2008

CISCO TECHNICAL TRAINING

ESET SECURE AUTHENTICATION. Cisco ASA Internet Protocol Security (IPSec) VPN Integration Guide

Implementing the Application Control Engine Service Module

"Charting the Course...

Upgrading Your Skills to MCSA Windows Server 2012

SSL VPN Technical Primer

Course # 20417B. Upgrading Your Skills to MCSA Windows Server 2012

Transcription:

VPN_2: Deploying Cisco ASA VPN Solutions Description Deploying Cisco ASA VPN Solutions (VPN) 2.0 is the latest update to the Cisco Certified VPN Training that aims at providing network security engineers with the knowledge and skills needed to configure Cisco VPN Solutions with the Cisco ASA Security Appliance and focuses on the use of the Cisco AnyConnect 3.0 Client and ASA 8.4 code version. Our students will learn the skills they need to choose, configure, and troubleshoot the majority of Cisco ASA adaptive security appliance remote access and site-tosite VPN features to reduce risk to IT infrastructure and its applications. Prerequisites The knowledge and skills that you must have before attending this course include concepts from the following Cisco Certification Courses: Cisco Certified Network Associate (CCNA) certification: Interconnecting Cisco Network Devices 1 (ICND1) Interconnecting Cisco Network Devices 2 (ICND2) Cisco Certified Network Associate Security (CCNA Security) certification: Implementing Cisco IOS Network Security (IINS) In addition to the above prerequisite skills, learners will benefit from a working knowledge of the Microsoft Windows operating system. Audience This course is intended for the following audience: Network Security Engineers (NSEs) ASA Administrators Network Security Administrators Firewall Administrators At Course Completion After completing this course, you will be able to: Evaluate the Cisco ASA adaptive security appliance VPN subsystem Deploy Cisco ASA adaptive security appliance IPsec VPN solutions Deploy Cisco ASA adaptive security appliance Cisco AnyConnect remote access VPN solutions Deploy Cisco ASA adaptive security appliance clientless remote access VPN solutions Deploy advanced Cisco ASA adaptive security appliance VPN solutions

Course Outline Module 1: The Cisco ASA Adaptive Security Appliance VPN Architecture and Common Components Describe the general properties of the Cisco ASA adaptive security appliance VPN subsystem Lesson 1: Evaluating the Cisco ASA Adaptive Security Appliance VPN Subsystem Architecture Lesson objective: Choose the most appropriate Cisco ASA VPN topologies and licensing options Identify the various VPN topologies and identify the correct topology to use for a given scenario Identify the Cisco ASA security appliance IPv6 VPN capabilities Identify the components of the Cisco AnyConnect Secure Mobility Client 3.0 Identify the available VPN licensing options and choose the appropriate licensing option for your network Lesson 2: Evaluating the Cisco ASA Adaptive Security Appliance Software Architecture Lesson objective: Evaluate core Cisco ASA security appliance networking functions as they relate to its VPN functionality Describe the principles of the Cisco ASA security appliance access control model Evaluate Cisco ASA security appliance VPN-related routing features Evaluate Cisco ASA security appliance VPN-related NAT features Evaluate Cisco ASA security appliance VPN-related AAA features The lesson includes this activity: Case Study 1-1: Implementing a Security High-Level Design Lesson 3: Implementing Profiles, Group Policies, and User Policies Lesson objective: Implement core Cisco ASA security appliance policy configurations that are common to all VPN configurations Describe the components of Cisco ASA security appliance VPN policy configuration Configure Cisco ASA security appliance connection profiles Configure Cisco ASA security appliance group policies Configure Cisco ASA security appliance user attributes Describe AAA functions that are available in remote-access VPNs Identify access control methods for VPN Users Implement VPN accounting to external RADIUS and TACACS+ servers Identify Cisco Secure Desktop and DAP features Lesson 4: Implementing PKI Services Lesson objective: Implement PKI services for IP Security (IPsec) and Secure Sockets Layer (SSL) VPN configurations Evaluate PKI services for IPsec and SSL VPN configurations Evaluate different methods of deploying server-side certificates on the Cisco ASA security appliance Configure and verify the local CA on the Cisco ASA security appliance and the Cisco AnyConnect client with client certificates that are provisioned by a Cisco ASA security appliance Choose the appropriate CA server for your design Describe methods to deploy a client certificate to use with Cisco VPN deployments Configure and verify certificate-to-connection-profile mapping on the Cisco ASA security appliance Describe SCEP proxy operations Module 2: Cisco ASA Adaptive Security Appliance Clientless Remote Access SSL VPN Solutions Implement and maintain Cisco clientless remote access SSL VPNs on the Cisco ASA adaptive security appliance VPN gateway Lesson 1: Deploying Basic Clientless VPN Solutions Lesson objective: Configure and verify the baseline clientless SSL VPN remote access features of the Cisco ASA security appliance Describe the building blocks of, and use cases for, the Cisco ASA clientless SSL VPN solution

Plan the configuration of a clientless SSL VPN solution Configure and verify basic Cisco ASA security appliance gateway features and gateway authentication for a clientless SSL VPN Configure and verify password-based local user authentication in a clientless SSL VPN Configure and verify basic access control in a clientless SSL VPN Tune and verify the gateway content rewriting features Troubleshoot VPN session establishment between a browser client and a Cisco ASA security appliance gateway The lesson includes this activity: Lab 2-1: Configuring Basic Clientless VPN Access on the Cisco ASA Adaptive Security Appliance Lesson 2: Deploying Advanced Application Access for Clientless SSL VPNs Lesson objective: Deploy and manage advanced clientless VPN application access features of a clientless Cisco SSL VPN Plan the deployment of clientless SSL VPN application access features Configure and verify application plug-ins Configure and verify smart tunnels in clientless SSL VPNs Troubleshoot advanced application access in clientless SSL VPNs The lesson includes this activity: Lab 2-2: Configuring Advanced Application Access for Clientless SSL VPNs Lesson 3: Deploying Advanced Authentication and SSO for Clientless SSL VPNs Lesson objective: Deploy and manage advanced authentication features of a clientless Cisco SSL VPN Design clientless SSL VPN authentication Deploy client-side certificate-based authentication Configure and verify multiple client authentications Troubleshoot the integration of a clientless SSL VPN with PKI Configure and verify clientless VPN SSO methods Troubleshoot clientless VPN SSO methods Lesson 4: Customizing the Clientless SSL VPN User Interface and Portal Lesson objective: Deploy portal customizations Configure and verify basic customization of the VPN portal navigation pages Configure and verify full portal HTML customization Configure and verify portal localization Configure and verify portal help customization Configure and verify application integration customization The lesson includes this activity: Lab 2-3: Customizing the SSL VPN Portal on the Cisco ASA Adaptive Security Appliance Module 3: Cisco AnyConnect Remote Access SSL Solutions Implement and maintain Cisco AnyConnect client-based remote access SSL VPNs on the Cisco ASA security appliance VPN gateway according to policies and environmental requirements Lesson 1: Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution Lesson objective: Deploy and manage the basic features of Cisco AnyConnect full-tunnel SSL VPNs Describe the operation of full-tunnel SSL VPN technology Plan, configure, and verify the gateway features of the Cisco ASA security appliance for a Cisco AnyConnect full-tunnel SSL VPN solution Configure and verify password-based local user authentication and client IP address assignment for a full-tunnel SSL VPN Configure basic access control and split tunneling for a full-tunnel SSL VPN Install, configure, and verify Cisco AnyConnect 3.0 using the predeployment method Troubleshoot VPN session establishment between a Cisco AnyConnect client and a Cisco ASA security appliance gateway The lesson includes this activity: Lab 3-1: Configuring Basic Cisco AnyConnect Client Full-Tunnel SSL VPNs Using Local Password Authentication Lesson 2: Deploying an Advanced Cisco AnyConnect Full-Tunnel SSL VPN Solution Lesson objective: Deploy and manage advanced features of Cisco AnyConnect full-tunnel SSL VPNs

Describe the tasks you use to configure centrally controlled client functions in for Cisco AnyConnect clients Deploy DTLS on the Cisco ASA security appliance Deploy and upgrade Cisco AnyConnect from a Cisco ASA gateway Configure and verify Cisco AnyConnect XML profiles Configure and verify the Cisco AnyConnect Trusted Network Detection, scripting, and SBL feature Customize and verify the Cisco AnyConnect user interface The lesson includes this activity:lab 3-2: Deploying the Cisco AnyConnect Client with Centralized Management Lesson 3: Deploying Advanced AAA in Cisco Full-Tunnel VPNs Lesson objective: Deploy advanced authentication with public key infrastructure (PKI) integration for Cisco AnyConnect full-tunnel SSL VPNs Choose a gateway and user authentication method in Cisco AnyConnect full-tunnel SSL VPNs Plan the deployment of advanced client authentication Configure and verify the local CA on the Cisco ASA security appliance and the Cisco AnyConnect client with client certificates that are provisioned by the Cisco ASA security appliance Configure and verify the Cisco ASA security appliance and Cisco AnyConnect client to use an external CA and provision client certificates Configure SCEP proxy for Cisco AnyConnect Configure and verify integration with supporting PKI entities Configure multiple client authentication Troubleshoot advanced client authentication in full-tunnel SSL VPNs Configure and verify local and remote group policy authorization in a Cisco full-tunnel SSL VPN Configure and verify local and remote group policy accounting in a Cisco full-tunnel SSL VPN The lesson includes this activity: Lab 3-3: Configuring Basic Cisco AnyConnect Full-Tunnel SSL VPNs Using Local CA and SCEP Proxy Module 4: Cisco ASA Adaptive Security Appliance Remote Access IPsec VPNs Implement and maintain Cisco remote access IPsec VPNs on the Cisco ASA VPN gateway according to policies and environmental requirements Lesson 1: Deploying Cisco Remote Access VPN Clients Lesson objective: Deploy and manage the features of the Cisco remote access IPsec VPN clients Describe the operation of IPsec VPN technology Choose the appropriate Cisco VPN client product Install, configure, and verify the installation of the legacy Cisco IPsec VPN client Configure and verify the legacy Cisco IPsec VPN client profiles Configure and verify advanced the legacy Cisco IPsec VPN client profile settings Install, configure, and verify the installation of Cisco AnyConnect 3.0 Configure and verify the auto-initiation feature of Cisco AnyConnect 3.0 Troubleshoot Cisco remote access VPN session establishment The lesson includes this activity: Lab 4-1: Deploying Basic Cisco Easy VPN Lesson 2: Deploying Basic Cisco Remote Access IPsec VPN Solutions Lesson objective: Deploy and manage the basic features of Cisco ASA remote access IPsec VPN server Plan the configuration of a Cisco remote access IPsec VPN gateway Configure and verify basic Cisco ASA gateway features and gateway authentication in a Cisco for remote access IPsec VPNs Configure and verify Cisco remote access VPN PSK-based peer authentication Configure and verify Cisco remote access VPN extended authentication Configure and verify Cisco remote access VPN hybrid authentication Configure and verify Cisco remote access VPN local IP address management Configure and verify Cisco remote access VPN basic access control and split tunneling Configure IKEv2 support for remote access IPsec VPN solutions Troubleshoot Cisco remote access VPN session establishment between a Cisco VPN client and a Cisco ASA gateway

Module 5: Cisco ASA Adaptive Security Appliance Site-to-Site IPsec VPN Solutions Implement and maintain site-to-site VPN solutions on the Cisco ASA security appliance VPN gateway according to policies and environmental requirements Lesson 1: Deploying Basic Site-to-Site IPsec VPNs Lesson objective: Deploy and manage basic site-to-site IPsec VPN features of the Cisco ASA security appliance Plan a Cisco ASA security appliance site-to-site VPN Configure and verify basic peer authentication in a Cisco ASA security appliance site-to-site VPN Configure and verify transmission protection in a Cisco ASA security appliance site-to-site VPN Troubleshoot the operation of a Cisco ASA security appliance site-to-site VPN The lesson includes this activity: Lab 5-1: Deploying a Basic Cisco ASA IPsec Site-to-Site VPN Lesson 2: Deploying Advanced Site-to-Site IPsec VPNs Lesson objective: Deploy and manage advanced site-to-site IPsec VPN authentication features of the Cisco ASA security appliance Plan a Cisco ASA security appliance site-to-site VPN using PKI- based authentication Configure and verify PKI-based peer authentication in a Cisco ASA security appliance site-to-site VPN Troubleshoot the operation of a PKI-based Cisco ASA security appliance site-to-site VPN Module 6: Endpoint Security and High Availability for Cisco ASA VPNs Deploy high-availability options for various Cisco ASA adaptive security appliance VPN deployments Lesson 1: Implementing Cisco Secure Desktop and DAP for SSL VPNs Lesson objective: Implement Cisco Secure Desktop for both clientless and full-tunnel SSL VPNs Choose network admission features for Cisco AnyConnect full-tunnel SSL VPNs Install, enable, and verify Cisco Secure Desktop on a Cisco ASA security appliance SSL VPN gateway Configure and verify Cisco Secure Desktop prelogin criteria on a Cisco ASA security appliance SSL VPN gateway Configure and verify Cisco Secure Desktop prelogin policies on a Cisco ASA security appliance SSL VPN gateway Configure and verify basic Cisco Secure Desktop Advanced Endpoint Assessment features on a Cisco ASA security appliance SSL VPN gateway Configure and verify DAPs that are enabled for Cisco Secure Desktop on a Cisco ASA security appliance SSL VPN gateway Troubleshoot Cisco Secure Desktop operations on a Cisco ASA security appliance SSL VPN gateway The lesson includes this activity: Lab 6-1: Deploying Cisco Secure Desktop for Cisco VPNs Lesson 2: Deploying High-Availability Features in Cisco ASA Adaptive Security Appliance VPNs Lesson objective: Deploy and manage high-availability and high-performance features of the Cisco ASA adaptive security appliance Labs Choose VPN high-availability and high-performance features Configure and verify redundant peering with Cisco AnyConnect and IPsec client Deploy active/standby failover for SSL and IPsec VPNs Implement dynamic routing to achieve IPsec site-to-site VPN high availability Describe the deployment of VPN load-balancing clusters Provide high availability and high performance using an external SLB appliance Troubleshoot Cisco ASA security appliance failover and VPN clustering functions The lesson includes this activity: Lab 6-2: Configuring a Load Balancing SSL VPN Cluster Lab 2-1: Configuring Basic Clientless VPN Access on the Cisco ASA Security Appliance Lab 2-2: Configuring Advanced Application Access for Clientless SSL VPNs Lab 2-3: Customizing the SSL VPN Portal on the Cisco ASA Security Appliance Lab 3-1: Configuring Basic Cisco AnyConnect Client Full-Tunnel SSL VPNs Using Local Password Authentication Lab 3-2: Deploying the Cisco AnyConnect Client with Centralized Management Lab 3-3: Configuring Basic Cisco AnyConnect Full-Tunnel SSL VPNs Using Local CA and SCEP Proxy Lab 4-1: Deploying Basic Remote Access IPsec VPN with IKEv2 Lab 5-1: Deploying a Basic Cisco ASA Security Appliance IPsec Site-to-Site VPN

Lab 6-1: Deploying Cisco Secure Desktop in Cisco SSL VPNs Lab 6-2: Configuring a Load-Balancing SSL VPN Cluster Contact us today. Visit www.quickstart.com or call 800-326-1044

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information