|
Securing Networks with PIX and ASA (SNPA) — A 5-Day Course
Synopsis
SNPA is a five-day lab intensive instructor led training course. This task-orientated course teaches the knowledge and skill needed to describe, configure, verify and manage the PIX and ASA security Appliances.
Course Objectives
After completing the training course, the student will be able to:
- Describe the general functionality of firewalls and security appliances
- Choose the most appropriate security appliance and licensing for a given scenario
- Configure the security appliance for basic network connectivity
- Perform address translation on a security appliance
- Configure security appliance access control
- Describe and configure the object grouping feature of Cisco security appliances
- Define, configure, and monitor AAA in Cisco security appliances
- Describe and configure the switching and routing functionality that your security appliance provides Describe and configure a security appliance modular policy
- Describe and configure security appliance advanced protocol handling
- Configure Cisco security appliances for VPN connectivity
- Configure security appliances for secure remote access
- Configure the Cisco security appliances to support the WebVPN feature set
- Configure Cisco security appliances to run in transparent firewall mode
- Configure the security appliance to support multiple contexts
- Implement and configure failover in a network
- Configure and monitor security appliances with ASDM
- Initialize a Cisco ASA AIP SSM and CSC SSM
- Secure and upgrade system access to the security appliance and recover from problems
Intended Audience
- Cisco customers who implement and maintain Cisco PIX and ASA security appliances
- Cisco Channel Partners who sell, implement and maintain Cisco PIX and ASA security appliances
- Cisco Systems engineers who support the sales of the Cisco PIX and ASA security appliances
Prerequisites
Students who attend this course must have met the following
prerequisites:
- Cisco CCNA certification
- Basic knowledge of the Windows operating system
- Familiarity with the networking and security terms and concepts
Certification
This SNPA course is recommended as preparation for exam:
This course is part of the CCSP certification path, and the Cisco Firewall Specialisation.
Publicly scheduled dates, locations, and prices
Central London — £1795 (+VAT)
- 19–23 May 2008
- 2–6 Jun 2008
- 23–27 Jun 2008
- 30 Jun–4 Jul 2008
- 28 Jul–1 Aug 2008
- 4–8 Aug 2008
- 11–15 Aug 2008
- 1–5 Sep 2008
- 22–26 Sep 2008
- 20–24 Oct 2008
- 24–28 Nov 2008
Leeds — £1795 (+VAT)
- 19–23 May 2008
- 14–18 Jul 2008
- 29 Sep–3 Oct 2008
Manchester — £1795 (+VAT)
- 16–20 Jun 2008
- 11–15 Aug 2008
Birmingham — £1795 (+VAT)
Cirencester — £1795 (+VAT)
Wokingham — £1795 (+VAT)
- 2–6 Jun 2008
- 1–5 Sep 2008
- 8–12 Dec 2008
Coventry — £1795 (+VAT)
- 18–22 Aug 2008
- 3–7 Nov 2008
Glasgow — £1795 (+VAT)
Aberdeen — £1795 (+VAT)
Outline Course Contents
Cisco Security Appliance Technology and Features
- Firewalls
- Security Appliance Overview
Cisco PIX and ASA Security Appliance Families
- Cisco Pix Security Appliance Family
- PIX Security Appliance Licensing
- Cisco ASA Security Appliance Licensing
Getting Started with Cisco Security Appliance
- User Interface
- File Management
- Adaptive Security Algorithm Security Levels
- Basic Security Appliance Configuration
- Examining Security Appliance Status
- Time Setting and NTP Support
- Syslog Configuration
Configuring Translations and Connection Limits
- Transport Protocols
- Network Address Translation
- Port Address Translation
- Static Command
- Translation Behavior
- Connections and Translations
Configuring Cisco ASA Security Appliances for WebVPN
- WebVPN Feature Overview
- WebVPN End-User Interface
- Configure WebVPN General Parameters
- Configure WebVPN Policies
- Configure WebVPN Tunnel Groups
- Configure WebVPN Servers and URLs
- Configure WebVPN E-Mail Proxy Servers
- Configure WebVPN Content Filters and ACLs
Configuring Transparent Firewall Mode
- Transparent Firewall Mode Overview
- Enabling Transparent Firewall Mode
- Monitoring and Maintaining Transparent Firewall Mode
Configuring Security Contexts
- Security Context Overview
- Resource Management
- Enabling Multiple Context Mode
- Configuring a Security Context
- Managing Security Contexts
Configuring Failover
- Understanding Failover
- Serial Cable-Based Failover Configuration
- Active/Standby LAN-Based Failover Configuration
- Active/Active Failover Configuration
Using ACLs and Content Filtering
- ACLs
- Malicious Active Code Filtering
- URL Filtering
- Packet Tracer
Configuring Object Grouping
- Overview of Object Grouping
- Configuring and Using Object Groups
Configuring Authentication, Authorisation, and Accounting
- Introduction to AAA
- Installation of Cisco Secure ACS for Windows 2000
- Authentication Configuration
- Cut-Through Proxy Authentication Configuration
- Tunnel Access Authentication Configuration
- Authorization Configuration
- Accounting Configuration
Switching and Routing Cisco Security Appliances
- VLAN Capabilities
- Static and Dynamic Routing
- Multicasting
Configuring the Cisco Modular Policy Framework
- Modular Policy Framework Overview
- Configuring a Class Map
- Configuring a Policy Map
- Configuring a Service Policy
Cisco ASDM
- ASDM Overview and Operating Requirements
- Preparing for ASDM
- Navigating ASDM Configuration Windows
- Navigating ASDM Multimode Windows
Introducing Cisco ASA SSMs
- Cisco ASA SSM Overview
- Cisco ASA AIP SSM Overview
- Cisco ASA AIP SSM Software Loading
- Cisco ASA CSC SSM Overview
- Configure a Security Policy on the Cisco ASA Security Appliance
Managing Security Appliance
- Managing System Access
- Managing User Access Levels
- Managing Software, Licenses, and Configurations
- Image Upgrade and Activation Keys
Configuring Advanced Protocol Handling
- Advanced Protocol Handling
- Inspection Class Maps and Inspection Policy Maps
- Regular Expressions
- FTP Inspection
- HTTP Inspection
- Instant Messaging Inspection
- ESMTP Inspection
- DNS Inspection
- Protocol Application Inspection
- Multimedia Support
Configuring VPNs
- Secure VPNs
- How IPsec Works
- IPsec Configuration Tasks
- Task 1: Prepare to Configure VPN Support
- Task 2: Configure IKE Parameters
- Task 3: Configure IPsec Parameters
- Task 4: Test and Verify VPN Configuration
Configuring Security Appliance Remote Access Using Cisco Easy VPN
- Introduction to Cisco Easy VPN
- The Cisco Easy VPN Connection Process
- Overview of Cisco Easy VPN Client
- Configuring Cisco VPN Client as Cisco Easy VPN Remote
- Working with the Cisco VPN Client
- Configuring Users and Groups
- Configuring the Cisco Easy VPN Server for Extended Authentication
|
Publicly Scheduled Training Locations
We currently run public training courses in the following locations:
- London, UK
- Leeds, West Yorkshire, UK
- Birmingham, West Midlands, UK
- Carshalton, Surrey, UK
- Chester, North West, UK
- Coventry, West Midlands, UK
- Edinburgh, Scotland, UK
- Glasgow, Scotland, UK
- Harwell, Oxfordshire, UK
- Manchester, North West, UK
- Milton Keynes, Buckinghamshire, UK
- Newark, Nottinghamshire, UK
- Reading, Berkshire, UK
- Slough, Berkshire, UK
- Stevenage, Hertfordshire, UK
- Wakefield, West Yorkshire, UK
- Wokingham, Berkshire, UK
Most UK public training courses are available on a monthly basis.
Please see the individual course outlines or our public
training schedule
for details.
In-house (on-site) training locations
We deliver in-house courses at client premises and/or training facilities in
any part of the world which is practically and commercially accessible.
Our In-house training guidelines
outline our basic requirements and our UK pricing structure. To estimate costs
for training in other countries, simply convert to your local currency and then
make a rough calculation of our tutor's costs for travelling to and staying at
your location.
|
