Implementing Advanced Cisco ASA Security (SASAA)

Request a Quote for this class

About this Course

This is an instructor-led product training course targeted towards network security engineers who require in depth knowledge of the advanced features of Cisco ASA security products.

This course provides update training on the key features of the post-8.4.1 release of the Cisco ASA, including the 9.x features such as CX and Clustering.  The course includes detailed coverage of Cisco ASA 5500-X Series Next-Generation Firewalls, the Cisco Catalyst 6500 Series ASA Services Module (ASASM), and the ASA 1000v Cloud Firewall.  It also provides a hands-on experience with installing and setting up the Cisco IPS and Cisco ASA CX software modules, implementing Identity Firewall policies with Cisco CDA, implementing CX policies, and integrating Cisco Cloud Web Security.

Audience Profile

This course is intended for network engineers supporting Cisco ASA 9.x implementations.

At Course Completion

Upon successful completion of this course, students should be able to:

  • Explain the features of Cisco ASA 5500-X Series Next-Generation Firewalls, ASASM, and ASA 1000v Cloud Firewall, and Csico ASAv
  • Install and set up the Cisco IPS and Cisco ASA CX software modules and the Cisco ASAv
  • Implement Cisco ASA Identity Firewall policies by using Cisco CDA and Cisco ASA
  • Implement Cisco ASA NGFW Services (CX)
  • Implement Cisco ASA NGFW Services (CX) and PRSM 9.2.1 features
  • Implement Cisco ASA and Cisco Cloud Web Security integration
  • Implement a Cisco ASA cluster 
  • Describe post v9.1.1 Cisco ASA clustering features
  • Describe the IPv6 features in Cisco ASA Software Release 9.0 (optional module)
  • Describe the multicontext enhancements in Cisco ASA Software Release 9.1 (optional module)
  • Describe Security Group Firewall support in Cisco ASA Software Release 9.0 (optional module)
  • Describe CoA support (optional module) 

Prerequisites

It is recommended that prior to enrollment, students have successfully completed FIREWALL or have equivalent knowledge of the Cisco ASA.

Course Outline

  • Module 1: Cisco ASA Product Family
  • Module 2: Cisco ASA Identity Firewall
  • Module 3: Cisco ASA CX (NGFW Services)
  • Module 4: Cisco ASA Cloud Web Security Integration
  • Module 5: Cisco ASA Cluster
  • Module 6: Cisco ASA Multicontext Enhancements (Optional/Self-Study)
  • Module 7: Cisco ASA Security Group Firewall (Optional/Self-Study)
  • Module 8: Cisco ASA IPv6 Enhancements (Optional/Self-Study)


Lab Outline: 

  • Lab 1-1: Remote Lab Environment Access
  • Lab 1-2: Cisco ASA 5500-X Series IPS Software Module Installation
  • Lab 1-3: Cisco ASAvBasic Setup
  • Lab 2-1: CDA Configuration
  • Lab 2-2: ASA IDFW Configuration
  • Lab 3-1: ASA CX and PRSM Exploration
  • Lab 3-2: ASA CX Access Policy Configuration
  • Lab 3-3: ASA CX Identity Policy Configuration
  • Lab 3-4: ASA CX Decryption Policy Configuration
  • Lab 3-5: PRSM Administration
  • Lab 3-6: ASA NGFW Services v9.2.1 New Features
  • Lab 4-1: Cisco ASA and Cloud Web Security Integration
  • Lab 5-1: ASA Cluster Configuration