Overview
Overview
Thank you for reading this post, don't forget to subscribe!Implementing Cisco Edge Network Security Solutions (SENSS) v1.0 is a five-day course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience to prepare them to configure Cisco perimeter edge security solutions utilizing Cisco Switches, Cisco Routers, and Cisco Adaptive Security Appliance (ASA) Firewalls.
Audience Profile
Network Security Engineers
Prerequisite(s) Recommended
IINS – Implementing Cisco IOS Network Security 3.0. CCNA Security Boot Camp
Learning Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
- Understand current security threat landscape
- Understanding and implementing Cisco modular Network Security Architectures such as SecureX and TrustSec
- Deploy Cisco Infrastructure management and control plane security controls
- Configuring Cisco layer 2 and layer 3 data plane security controls
- Implement and maintain Cisco ASA Network Address Translations (NAT)
- Implement and maintain Cisco IOS Software Network Address Translations (NAT)
- Designing and deploying Cisco Threat Defense solutions on a Cisco ASA utilizing access policy and application and identity based inspection
- Implementing Botnet Traffic Filters Deploying Cisco IOS Zone-Based Policy Firewalls (ZBFW)
- Configure and verify Cisco IOS ZBFW Application Inspection Policy
Course Outline
Course Outline
Module 1: Secure Design Principles
Lessons
• Course Overview
• Network Security Zoning
• Cisco Module Network Security Architecture
• Cisco SecureX Architecture
• Cisco TrustSec Solution
Module 2: Deploying Network Infrastructure Protection
Lessons
• Introducing Cisco Network Infrastructure Protection
• Deploying Cisco IOS Control Plane Security Controls
• Deploying Cisco IOS Management Plane Security Controls
• Deploying Cisco ASA Management Plane Security Controls
• Deploying Cisco Traffic Telemetry Methods
• Deploying Cisco IOS Layer 2 and Layer 3 Data Plane Security Controls
Lab: Configuring Cisco Policy Protection (CPP) and Management Plane Protection (MPP)
Lab: Configure Traffic Telemetry Methods
Lab: Configure Layer 2 Data Plan Security
Module 3: Deploying NAT on Cisco IOS and Cisco ASA
Lessons
• Introducing Network Address Translation
• Deploying Cisco ASA Network Address Translation
• Deploying Cisco IOS Software Network Address Translation
Lab: Configure NAT on Cisco Adaptive Security Appliance (ASA) Firewall
Lab: Configure NAT on Cisco IOS Software
Module 4: Deploying Threat Controls on Cisco ASA
Lessons
• Introducing Cisco Firewall Threat Controls
• Deploying basic Cisco ASA Access Policies
• Deploying Advanced Cisco ASA Application Inspection Policies
• Deploying Cisco ASA Botnet Traffic Filtering
• Deploying Cisco ASA Identity Based Firewall
Lab: Configure Cisco ASA Access Policy
Lab: Configure Cisco ASA Application Inspection Policy
Lab: Configure Cisco ASA Botnet Traffic Filter
Lab: Configure Cisco ASA Identity Based Firewall
Module 5: Deploying Threat Controls on Cisco IOS Software
Lessons
• Deploying Basic Cisco IOS Software with Basic Zone-Based Firewall Access Policies
• Deploying Advanced Cisco IOS Software ZBFW with Application Inspection Policies
Lab: Configure Cisco IOS Software Zone-Based Firewall (ZBFW)
Lab: Configure Cisco IOS Software ZBFW Application Inspection Policy Lab Activity Solutions