• Home
• Course Catalogue
• Certifications
• Onsite Training
• Scheduled Training
• E-Learning
• Managed Services
• Consulting
• Company
• Special Offers
• News
• Links
• Enquiry And Feedback Form

Training Course Outline

IT Vendor Courses   Cisco Security CCSP Training Courses

CSNAF: Securing Networks with ASA Fundamentals

View course dates

Course Duration: 5 days

Course Code: SNAF

Course Description:

Securing Networks with ASA Fundamentals (SNAF) v1.0 is an update to Securing Networks with PIX and ASA (SNPA) v5.0, an existing five-day instructor-led course on using the Cisco ASA and PIX Security Appliance software version 7.2 to protect network systems from intrusions and security threats. In order to cover new features of ASA software version 8.0 and preserve the 5-day length of the course, some of the advanced content in SNPA 5.0 has been moved to the new Securing Networks with ASA Advanced (SNAA) course. Content that has been moved to SNAA includes the following: configuring the ASA 5505 dual-ISP support, configuring ASA 5505 VLANs, configuring policy NAT, installing and configuring the Cisco Secure Desktop, configuring the security appliance to pass multicast traffic, configuring Layer 7 class maps and policy maps, and initializing the AIP-SSM and CSC-SSM.

Another difference between SNPA 5.0 and SNAF 1.0 is that SNAF 1.0 configurations are performed via ASDM rather than the CLI. The SNAF 1.0 course covers important new ASA and PIX Security Appliance 8.0 features.

 

The SNAF course is a five-day, leader-led, lab-intensive course. The course takes a task-oriented approach to teaching the skills to configure, operate, and manage Cisco Adaptive Security Appliance product family.

Prerequisites:

Students who attend this advanced course must have experience in configuring Cisco IOS software and have met the following prerequisites:

- Certification as a CCNA or the equivalent knowledge.
- Basic knowledge of the Windows operating system.
- Familiarity with the networking and security terms and concepts (the concepts are learned in prerequisite training or by reading industry publications).

Prerequisite courses:

ICND1: Interconnecting Cisco Network Devices Part 1

ICND2: Interconnecting Cisco Network Devices Part 2

Follow on courses:

SND: Securing Cisco Network Devices

SNRS: Securing Networks with Cisco Routers and Switches

IPS: Implementing Cisco Intrusion Protection Systems

CSVPN: Cisco Secure Virtual Private Networks

Relevant Certifications:

CCSP Cisco Certified Security Professional

Cisco Firewall Specialist

This course includes the following modules:

Introducing Cisco Security Appliance Technology and Features

• Functions of the three types of firewalls that are used to secure modern computer networks
• Technology and features of Cisco security appliances

Cisco Adaptive Security Appliance and PIX Security Appliance Families

• Cisco ASA security appliance models
• Cisco ASA security appliance licensing options

Getting Started with Cisco Security Appliances

• Four main access modes
• Security appliance file management system
• Security appliance security levels
• ASDM requirements and capabilities
• Use the CLI to configure and verify basic network settings, and prepare the security appliance for configuration via
• ASDM
• Verify security appliance configuration and licensing via ASDM

Essential Security Appliance Configuration

• Configure a security appliance for basic network connectivity
• Verify the initial configuration
• Set the clock and synchronize the time on security appliances
• Configure the security appliance to send syslog messages to a syslog server

Configuring Translations and Connection Limits

• Function of TCP and UDP protocols within the security appliance
• Function of static and dynamic translations
• Configure dynamic address translation
• Configure static address translation
• Set connection limits

Using ACLs and Content Filtering

• Configure the basic function of ACLs
• Configure additional functions of ACLs
• Configure active code filtering (ActiveX and Java applets)
• Configure the security appliance for URL filtering
• Use the packet tracer for troubleshooting

Configuring Object Grouping

• Object grouping feature of the security appliance and its advantages
• Configure object groups and use them in ACLs

Switching and Routing on Security Appliances

• Configure logical interfaces and VLANs
• Configure static routes and static route tracking
• Dynamic routing capabilities of Cisco security appliances
• Configure passive RIP routing

Configuring AAA for Cut-Through Proxy

• Define and compare AAA
• Install and configure Cisco Secure ACS
• Configure the local user database
• Define and configure cut-through proxy authentication
• Define and configure user authorization using downloadable ACLs
• Define and configure accounting

Configuring the Cisco Modular Policy Framework

• Cisco Modular Policy Framework feature for security appliances
• Functionality of class maps
• Functionality of policy maps
• Functionality of service policies
• Use ASDM to configure a service policy rule

Configuring Advanced Protocol Handling

• Need for advanced protocol handling
• How the security appliance implements inspection of common network applications
• Issues with multimedia applications and how the security appliance supports multimedia call control and audio sessions

Configuring Threat Detection

• Threat detection and statistics
• Configure basic threat detection and scanning threat detection
• Configure and view threat detection statistics

Configuring Site-to-Site VPNs Using Pre-Shared Keys

• How security appliances enable a secure VPN
• Perform the tasks necessary to configure security appliance IPsec support
• Commands to configure security appliance IPsec support
• Configure a VPN between security appliances

Configuring Security Appliance Remote Access VPNs

• Cisco Easy VPN
• Cisco VPN Client
• Configure an IPSec Remote Access VPN
• Configure Users and Groups

Configuring Cisco Security Appliances for SSL VPN

• SSL VPN and its purpose
• Use the SSL VPN Wizard to configure a basic clientless SSL VPN connection
• Configure SSL VPN policies
• Verify SSL VPN operations
• Customize the clientless SSL VPN portals

Configuring Transparent Firewall Mode

• Purpose of transparent firewall mode
• How data traverses a security appliance in transparent mode
• Enable transparent firewall mode
• Monitor and maintain transparent firewall mode

Configuring Security Contexts

• Purpose of security contexts
• Enable and disable multiple context mode
• Configure a security context
• Manage a security context

Configuring Failover

• Difference between hardware and stateful failover
• Difference between active/standby and active/active failover
• Security appliance failover hardware requirements
• Configure redundant interfaces
• How active/standby failover works
• Security appliance roles of primary, secondary, active, and standby
• How active/active failover works
• Configure active/standby cable-based and LAN-based failover
• Configure active/active failover
• Use remote command execution

Managing Security Appliances

• Configure Telnet access to the security appliance Configure SSH access to the security appliance
• Configure command authorization
• Recover security appliance passwords using general password recovery procedures
• Use TFTP to install and upgrade the software image on the security appliance

 

Location	Duration	RRP	Jan	Feb	Mar	Apr	May	Jun
Click on course date to make a booking, check availability, or find out about available discounts.
Birmingham	5 days	£1895			23 - 27
Coventry	5 days	£1895		23 - 27				1 - 5
Edinburgh	5 days	£1895					11 - 15
Glasgow	5 days	£1895	19 - 23		9 - 13
Glasgow (RenSt)	5 days	£1895	19 - 23
Leeds	5 days	£1895						15 - 19
London	5 days	£1895	12 - 16	9 - 13	2 - 6 16 - 20	20 - 24	11 - 15	22 - 26
London (Ros)	5 days	£1895	12 - 16	9 - 13	16 - 20	20 - 24	18 - 22	22 - 26
London - Old Broad Street	5 days	£1895		16 - 20	23 - 27	27 - 1	18 - 22	22 - 26
Manchester	5 days	£1845		9 - 13 23 - 27	2 - 6 16 - 20			1 - 5
Manchester (Exch)	5 days	£1895		23 - 27
Wakefield	5 days	£1895	12 - 16		30 - 3	20 - 24
Wokingham	5 days	£1895		2 - 6			11 - 15

<< Previous 6 Months

Next 6 Months >>

Perpetual Solutions are a global provider of onsite training solutions throughout London, UK and the rest of the world. For scheduled training our UK partner network provides an unrivalled choice of courses.

Save as PDF

Print this course