Implementing Core Cisco ASA Security v1.0 - SASAC

Implementing Core Cisco ASA Security v1.0 - SASAC Course Description

Duration: 5.00 days (40 hours)

Cisco Career Guide

This course covers the Cisco ASA 9.0 / 9.1 core firewall and VPN features. Cisco ASA Core v1.0 is designed to teach network security engineers working on the Cisco ASA Adaptive Security Appliance to implement core Cisco ASA features, including the new ASA 9.0 and 9.1 features.

Next Class Dates

Apr 2, 2018 – Apr 6, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018
New York, NY 10018
Jun 4, 2018 – Jun 8, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018
New York, NY 10018
Jul 30, 2018 – Aug 3, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018
New York, NY 10018
Sep 24, 2018 – Sep 28, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018
New York, NY 10018

View More Schedules »

Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.

Back to Top

Intended Audience for this Implementing Core Cisco ASA Security v1.0 - SASAC Course

  • » The primary audience for this course is Network engineers supporting Cisco ASA 9.x implementations

Back to Top

Course Prerequisites for Implementing Core Cisco ASA Security v1.0 - SASAC

  • » FIREWALL v1.0 or FIREWALL v2.0 or an equivalent knowledge of the Cisco ASA

Back to Top

Implementing Core Cisco ASA Security v1.0 - SASAC Course Objectives

  • » Explain the core essential features of Cisco ASA 5500-X Series Next-Generation Firewalls
  • » Describe how to implement Cisco ASA basic connectivity and device management
  • » Implement basic Cisco ASA network integration
  • » Describe and implement basic Cisco ASA policy controls
  • » Describe Cisco ASA common VPN components
  • » Describe and implement Cisco ASA clientless VPN solutions
  • » Describe and implement Cisco ASA and Cisco AnyConnect full tunnel VPN solutions

Back to Top

Implementing Core Cisco ASA Security v1.0 - SASAC Course Outline

      1. Cisco ASA Adaptive Security Appliance Essentials
        1. Evaluating Cisco ASA Adaptive Security Appliance Technologies
          1. Firewall Technologies
          2. Cisco ASA Adaptive Security Appliance Features
        2. Identifying Cisco ASA Adaptive Security Appliance Models
          1. Cisco ASA Adaptive Security Appliance Hardware
        3. Identifying Cisco ASA Adaptive Security Appliance Licensing Options
          1. Cisco ASA Adaptive Security Appliance Licensing Options
          2. Cisco ASA Adaptive Security Appliance Licensing Requirements
      2. Basic Connectivity and Device Management
        1. Preparing the Cisco ASA Adaptive Security Appliance for Network Integration
          1. Managing the Cisco ASA Adaptive Security Appliance Boot Process
          2. Managing the Cisco ASA Adaptive Security Appliance Using the CLI
          3. Managing the Cisco ASA Adaptive Security Appliance Using Cisco ASDM
          4. Navigating Basic Cisco ASDM Features
          5. Managing the Cisco ASA Adaptive Security Appliance Basic Upgrade
        2. Managing Basic Cisco ASA Adaptive Security Appliance Network Settings
          1. Managing Cisco ASA Adaptive Security Appliance Security Levels
          2. Configuring and Verifying Basic Connectivity Parameters
          3. Configuring and Verifying Interface VLANs
          4. Configuring a Default Route
          5. Configuring and Verifying the Cisco ASA Security Appliance DHCP Server
          6. Troubleshooting Basic Connectivity
      3. Network Integration
        1. Configuring Cisco ASA Adaptive Security Appliance NAT Features
          1. NAT on Cisco ASA Security Appliances
          2. Configuring Object (Auto) NAT
          3. Configuring Manual NAT
          4. Tuning and Troubleshooting NAT on the Cisco ASA Adaptive Security Appliance
        2. Configuring Cisco ASA Adaptive Security Appliance Basic Access Control Features
          1. Connection Table and Local Host Table
          2. Configuring and Verifying Interface ACLs
          3. Configuring and Verifying Global ACLs
          4. Configuring and Verifying Object Groups
          5. Configuring and Verifying Public Servers
          6. Configuring and Verifying Other Basic Access Controls
          7. Troubleshooting ACLs
        3. Configuring Cisco ASA Adaptive Security Appliance Routing Features
          1. Static Routing
          2. Dynamic Routing
          3. EIGRP Configuration and Verification
          4. Multicast Support
      4. Cisco ASA Adaptive Security Appliance Policy Controls
        1. Defining the Cisco ASA Adaptive Security Appliance MPF
          1. Cisco MPF Overview
          2. Configuring and Verifying Layer 3 and Layer 4 Policies
          3. Configuring and Verifying a Policy for Management Traffic
        2. Configuring Cisco ASA Adaptive Security Appliance Advanced Application Inspections
          1. Layer 5 to Layer 7 Policy Control Overview
          2. Configuring and Verifying HTTP Inspection
          3. Configuring and Verifying FTP Inspection
          4. Supporting Other Layer 5 to Layer 7 Applications
          5. Troubleshooting Application Layer Inspection
      5. Cisco ASA Adaptive Security Appliance VPN Common Components
        1. VPN Overview
          1. VPN Definition
          2. Key Threats to WANs and Remote Access
          3. VPN Types
          4. VPN Components
        2. Implementing Profiles, Group Policies, and User Policies
          1. Cisco ASA VPN Policy Configuration
          2. Cisco ASA Adaptive Security Appliance Connection Profiles
          3. Cisco ASA Adaptive Security Appliance Group Policies
          4. Cisco ASA VPN AAA and External Policy Storage
          5. Cisco ASA Adaptive Security Appliance User Attributes
          6. Access Control Methods
          7. VPN Accounting Using External Servers
          8. DAP for SSL VPN
        3. Implementing PKI Services
          1. Using PKI
          2. Provisioning Server-Side Certificates on the Cisco ASA Adaptive Security Appliance
          3. CA Servers
          4. Deploying Client-Based Certificate Authentication
          5. SCEP Proxy Operations
          6. Enable Certificate Authentication in Connection Profile
          7. Configuring Certificate-to-Connection Profile Mappings
      6. Cisco Clientless VPN Solution
        1. Introducing Clientless SSL VPN
          1. Cisco Clientless SSL VPN
          2. Cisco Clientless SSL VPN Use Cases
          3. Cisco Clientless SSL VPN Resource Access Methods
          4. Secure Sockets Layer and Transport Layer Security
          5. SSL Session Setup and Key Management
          6. SSL Server Authentication
          7. SSL Client Authentication
          8. SSL Transmission Protection
        2. Deploying Basic Cisco Clientless SSL VPN on the Cisco ASA Adaptive Security Appliance
          1. Basic Cisco Clientless SSL VPN
          2. Server Authentication in Basic Clientless SSL VPN
          3. Client-Side Authentication in Basic Clientless SSL VPN
          4. Clientless SSL VPN URL Entry and Bookmarks
          5. Basic Access Control for Clientless SSL VPN
          6. Disabling Content Rewriting
          7. Basic Clientless SSL VPN Configuration Tasks
          8. Basic Clientless SSL VPN Configuration Scenario
          9. Configuring Basic Cisco Clientless SSL VPN
          10. Verifying Basic Cisco Clientless SSL VPN
          11. Troubleshooting Basic Clientless SSL VPN Operations
        3. Deploying Application Access in Cisco Clientless SSL VPN
          1. Cisco Clientless SSL VPN Application Access Overview
          2. Application Plug-Ins
          3. Configuring Application Plug-ins
          4. Verify Clientless SSL VPN Application Plug-Ins
          5. Troubleshooting Clientless SSL VPN Application Plug-Ins
          6. Smart Tunnels
          7. Configuring Smart Tunnels
          8. Verifying Smart Tunnels
          9. Troubleshoot Smart Tunnels
        4. Deploying Client-Side Authentication and Authorization in Clientless SSL VPN
          1. Client-Side Authentication Options
          2. Client-Side Authentication and Authorization Using AAA Server
          3. Double Client-Side Authentication Using AAA Servers
          4. Troubleshooting Client-Side AAA Authentication
      7. Cisco AnyConnect Full Tunnel VPN Solutions
        1. Deploying Basic Cisco AnyConnect SSL VPN on Cisco ASA
          1. Basic Cisco AnyConnect SSL VPN
          2. SSL VPN Clients Authentication
          3. SSL VPN Client IP Address Assignment
          4. SSL VPN Split Tunneling
          5. Configuration Scenario
          6. Configuration Tasks
          7. Enable Cisco AnyConnect SSL VPNs
          8. Define IP Address Pool
          9. Configure Identity NAT
          10. Configure Group Policy
          11. Configure Group Policy: Split Tunneling
          12. Configure Connection Profile
          13. Monitor Cisco AnyConnect VPN on Client Endpoint
          14. Monitor Cisco AnyConnect VPN on Server
        2. Deploying Advanced Cisco AnyConnect SSL VPN on Cisco ASA
          1. Cisco AnyConnect SSL VPN Solution Components
          2. DTLS Overview
          3. Parallel DTLS and TLS Tunnels
          4. Configure DTLS
          5. Verify DTLS
          6. Cisco AnyConnect Client Configuration Management
          7. Managing Cisco AnyConnect Software from Cisco ASA
          8. Cisco AnyConnect Client Operating System Integration Options
          9. Deploying Cisco AnyConnect Trusted Network Detection
          10. Cisco AnyConnect Start Before Logon
          11. Deploying Cisco AnyConnect Start Before Logon
        3. Deploying Advanced Authentication and Authorization in Cisco AnyConnect VPNs
          1. Cisco AnyConnect Advanced Authentication Scenarios
          2. Certificate-Based Server Authentication
          3. Client Enrollment Methods
          4. Methods for Revoking Credentials
          5. Enable Certificate-Based Authentication
          6. Enable Two-Factor Authentication
          7. Two-Factor Authentication with Name Prefill
          8. Local Authorization Overview
          9. Local Authorization Configuration Procedure
          10. Configure Local Authorization
          11. Verify Local Authorization
          12. External Authorization Scenario
          13. Configure Authorization Using LDAP/AD
          14. Verify External Authorization
          15. Troubleshooting Cisco AnyConnect VPN
        4. Deploying Cisco AnyConnect IPsec/IKEv2 VPNs
          1. Cisco AnyConnect Support for IKEv2
          2. Internet Key Exchange v1 and v2
          3. Making IPsec the Primary Protocol for a Host Entry
          4. IKEv2 Configuration Procedure
          5. Configure a Cisco AnyConnect IPsec VPN on a Cisco ASA Appliance
          6. Verify and Troubleshoot Cisco AnyConnect IPsec VPN on Cisco ASA Appliance
      8. Cisco ASA Adaptive Security Appliance High Availability and Virtualization
        1. Configuring Cisco ASA Adaptive Security Appliance Interface Redundancy Features
          1. Configuring and Verifying EtherChannel
          2. Configuring and Verifying Redundant Interfaces
          3. Troubleshooting EtherChannel and Redundant Interfaces
        2. Configuring Cisco ASA Adaptive Security Appliance Active/Standby High Availability
          1. Failover Overview
          2. Configuration Choices, Basic Procedures, and Required Input Parameters
          3. Configuring and Verifying Active/Standby Failover
          4. Tuning and Managing Active/Standby Failover
          5. Remote Command Execution
          6. Troubleshooting Active/Standby Failover
        3. Configuring Security Contexts on the Cisco ASA Adaptive Security Appliance
          1. Multiple-Context Mode
          2. Configuring Security Contexts
          3. Verifying and Managing Security Contexts
          4. Configuring and Verifying Resource Management
          5. Troubleshooting Security Contexts
        4. (OPTIONAL) Configuring Cisco ASA Adaptive Security Appliance Active/Active High Availability (Optional/Self-study)
          1. Active/Active Failover
          2. Configuring and Verifying Active/Active Failover
          3. Tuning and Managing Active/Active Failover
          4. Troubleshooting Active/Active Failover
      9. Lab
        1. Lab: Accessing the Remote Lab Environment
        2. Task: Access the Learning@Cisco-Hosted ASA Remote Lab
        3. Lab: Configuring the Cisco ASA Adaptive Security Appliance
        4. Task: Verify Cisco ASA Adaptive Security Appliance and Cisco ASDM Versions
        5. Task: Initialize the Cisco ASA Adaptive Security Appliance from the CLI
        6. Task: Launch Cisco ASDM and Test SSH Access
        7. Task: Configure and Verify Interfaces
        8. Task: Configure System Management Parameters
        9. Lab: Configuring NAT
        10. Task: Configure Object NAT for the Client Network and DMZ Server
        11. Task: Configure Manual NAT for the DMZ Server and Client Network
        12. Lab: Configuring Basic Cisco Access Control Features
        13. Task: Troubleshoot Basic Connectivity
        14. Task: Configure Network and Service Object Groups
        15. Task: Configure Access Lists
        16. Task: Configure Public Servers
        17. Task: Configure Global Access Lists
        18. Task: (Optional) Configure Unicast Reverse Path Forwarding Check
        19. Lab: Configuring MPF, Basic Stateful Inspections, and QoS
        20. Task: Configure ICMP and FTP Inspection
        21. Task: Enable TTL Decrement and Disable TCP Initial Sequence Randomization
        22. Task: Tune TCP Timeouts, Enable TCP DCD, and Configure TCP Normalization
        23. Task: Configure a Priority Queue and Traffic Policing
        24. Lab: Configuring MPF Advanced Application Inspections
        25. Task: Configure HTTP Inspection to Protect the DMZ Server
        26. Task: Configure FTP Inspection to Protect the DMZ Server
        27. Task: Return the Cisco ASA Security Appliance to the Default Inspection Policies
        28. Lab: Implementing Basic Clientless SSL VPN on the Cisco ASA
        29. Task: Configure the Cisco ASA to Use DNS
        30. Task: Enable Clientless SSL VPN Connections
        31. Task: Provision an Identity Certificate for the Cisco ASA
        32. Task: Configure Local User Authentication
        33. Task: Configure Bookmarks and Access Control
        34. Lab: Configuring Application Access for Clientless SSL VPN on the Cisco ASA
        35. Task: Configure Application Access Using Plug-ins
        36. Task: Configure Application Access Using Smart Tunnels
        37. Lab: Implementing External Authentication and Authorization for Clientless SSL VPNs
        38. Task: Configure External Authentication Using Microsoft Active Directory
        39. Task: Configure External Authorization Using Microsoft Active Directory
        40. Lab: Implementing Basic Cisco AnyConnect SSL VPN on the Cisco ASA
        41. Task: Enable Cisco AnyConnect SSL VPN Connections
        42. Task: Configure the VPN IP Address Pool and Identity NAT
        43. Task: Configure a VPN User and Create a Connection Profile
        44. Task: Configure Group Policy: IP Pool, DNS, and Split Tunneling
        45. Task: Test Cisco AnyConnect SSL VPNs
        46. Lab: Configuring Advanced Authentication for Cisco AnyConnect SSL VPNs
        47. Task: Review LDAP and Active Directory Server Settings on the Cisco ASA
        48. Task: Deploy Local Authorization for Local VPN Users
        49. Task: Deploy External Authorization Using Microsoft Active Directory
        50. Task: Deploy a Standalone Cisco AnyConnect Client on the Outside PC
        51. Lab: Implementing Cisco AnyConnect IPsec/IKEv2 VPNs
        52. Task: Deploy Cisco AnyConnect IPsec/IKEv2 VPN with WebLaunch
        53. Lab: Configuring Active/Standby High Availability
        54. Task: Prepare the Secondary Appliance for Failover Configuration via the CLI and Cisco ASDM
        55. Task: Configure Active/Standby Failover
        56. Task: Configure Standby IP Addresses on the Active Appliance and Test Failover
        57. Task: Tune Active/Standby Failover
        58. Task: Enable Stateful Active/Standby Failover

Back to Top

Do you have the right background for Implementing Core Cisco ASA Security v1.0 - SASAC?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill-assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.
This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.

Take your FREE Skill Assessment test »

Back to Top

Award winning, world-class Instructors

David M.
- Networking expert with several Cisco certifications, including CCENT, CCNA, CCDA, CCSI, and CCVP. - Has taught over 90 courses at NetCom Learning. - Average rating of 8.75 out of 9 on student evaluation reports.

Bio:

David has been in the Networking field for the past eleven years and holds several Cisco certifications. He has been an instructor since 2005 and has taught over 90 courses at NetCom Learning.

David is an extremely enthusiastic trainer with a raw passion towards teaching and delivering Cisco information and takes great pride in his career as an instructor, which has lead him to develop and deliver the class in his own unique way; very professional and knowledgeable, yet pleasant and enjoyable. His classes have a high passing rate for students taking certification exams, and averages 8.75 out of 9 on evaluation reports.
Michael G.
- Over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer.
- An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, as well as select Microsoft, Novell, CompTIA, Sun and CWNP courses.
- High-skilled and acclaimed instructor. Has trained over 900 students at Netcom Learning.

Bio:

Michael has over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer. An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, Michael also teaches select Microsoft, Novell, CompTIA, Sun and CWNP courses.

Michael's dedication and passion for teaching is unmatched. He has trained over 900 students at Netcom Learning since 2006 and his evaluation scores average 8.7 out of 9.
William D.
- Bachelors and Masters in Mathematics from University of Pennsylvania, in addition to several IT certifications.
- Over 20 years of experience in the IT industry; background ranges from engineering, administration and escalation support in networks.

Bio:

William is a highly-skilled IT professional with Bachelors and Masters Degree in Mathematics from University of Pennsylvania. He has been working in the IT industry for over 20 years, with experience in engineering, administration and escalation support in networks ranging from small to large scale complex enterprise environments.

As a Cisco and CompTIA Subject Matter Expert, he holds several certifications, including Cisco CCNA, CCNP, and CCIE. William is one of NetCom's top trainers, consistently scoring high marks in student evaluations.

See more...   See more instructors...

Back to Top

Recent Client Testimonials & Reviews

Very knowledgeable instructor. True subject matter expert.

- Dameon R.

Course(s) Taken

» Implementing Cisco Voice Communications and QoS v8.0 - CVOICE

The instructor knows his material very well.

- Hung N.

Course(s) Taken

» Implementing Cisco Voice Communications and QoS v8.0 - CVOICE

Good Training company with whom we have a history.

-Swaminathayer M.
Course(s) Taken

» Deploying Cisco ASA Firewall Solutions v2.0 - FIREWALL

  More testimonials »  

Back to Top