Overview
Overview
Thank you for reading this post, don't forget to subscribe!This enhanced course contains added depth to the standard labs, using a topology that simulates a typical production network. You’ll use ASA 5515 appliances to work through configuring access control to and from your network. Additionally, the PC systems and server systems are an integral part of the lab environment. Here you will use Windows 8, Windows Server 2012, and Kali Linux to manage, test, and even attack your lab network using real-world operating systems and applications.
Audience Profile
Network engineers supporting Cisco ASA 9.x implementations
Prerequisite(s) Recommended
FIREWALL v1.0 or FIREWALL v2.0 or an equivalent knowledge of the Cisco ASA
Learning Objectives
- Explain the core essential features of Cisco ASA 5500-X Series Next-Generation Firewalls
- Describe how to implement Cisco ASA basic connectivity and device management
- Implement basic Cisco ASA network integration
- Describe and implement basic Cisco ASA policy controls
- Describe Cisco ASA common VPN components
- Describe and implement Cisco ASA clientless VPN solutions
- Describe and implement Cisco ASA and Cisco AnyConnect full tunnel VPN solutions
Course Outline
Course Outline
Module 1: Cisco ASA Adaptive Security Appliance Essentials
Lessons
• Evaluating Cisco ASA Adaptive Security Appliance Technologies
• Identifying Cisco ASA Adaptive Security Appliance Models
• Identifying Cisco ASA Adaptive Security Appliance Licensing Options
Lab 1-1: Accessing the Remote Lab Environment
Module 2: Basic Connectivity and Device Management
Lessons
• Preparing the Cisco ASA Adaptive Security Appliance for Network Integration
• Managing Basic Cisco ASA Adaptive Security Appliance Network Settings
Lab 2-1: Configuring the Cisco ASA Adaptive Security Appliance
Module 3: Network Integration
Lessons
• Configuring Cisco ASA Adaptive Security Appliance NAT Features
• Configuring Cisco ASA Adaptive Security Appliance Basic Access Control Features
• Configuring Cisco ASA Adaptive Security Appliance Routing Features
Lab 3-1: Configuring NAT
Lab 3-2: Configuring Basic Cisco Access Control Features
Module 4: Cisco ASA Adaptive Security Appliance Policy Controls
Lessons
• Defining the Cisco ASA Adaptive Security Appliance MPF
• Configuring Cisco ASA Adaptive Security Appliance Advanced Application Inspections
Lab 4-1: Configuring MPF, Basic Stateful Inspections, and QoS
Lab 4-2: Configuring MPF Advanced Application Inspections
Module 5: Cisco ASA Adaptive Security appliance VPN Common Components
Lessons
• VPN Overview
• Implementing Profiles, Group Policies, and User Policies
• Implementing PKI Services
Module 6: Cisco Clientless VPN Solution
Lessons
• Introducing Clientless SSL VPN
• Deploying Basic Cisco Clientless SSL VPN on the Cisco ASA Adaptive Security Appliance
• Deploying Application Access in Cisco Clientless SSL VPN
• Deploying Client-Side Authentication and Authorization in Clientless SSL VPN
Lab 6-1: Implementing Basic Clientless SSL VPN on the Cisco ASA
Lab 6-2: Configuring Application Access for Clientless SSL VPN on the Cisco ASA
Lab 6-3: Implementing External Authentication and Authorization for Clientless SSL VPNs
Module 7: Cisco AnyConnect Full Tunnel VPN Solutions
Lessons
• Deploying Basic Cisco AnyConnect SSL VPN on Cisco ASA
• Deploying Advanced Cisco AnyConnect SSL VPN on Cisco ASA
• Deploying Advanced Authentication and Authorization in Cisco AnyConnect VPNs
• Deploying Cisco AnyConnect IPsec/IKEv2 VPNs
Lab 7-1: Implementing Basic Cisco AnyConnect SSL VPN on the Cisco ASA
Lab 7-2: Configuring Advanced Authentication for Cisco AnyConnect SSL VPNs
Lab 7-3: Implementing Cisco AnyConnect IPsec/IKEv2 VPNs
Module 8: Cisco ASA Adaptive Security Appliance High Availability and Virtualization
Lessons
• Configuring Cisco ASA Adaptive Security Appliance Interface Redundancy Features
• Configuring Cisco ASA Adaptive Security Appliance Active/Standby High Availability
• Configuring Security Contexts on the Cisco ASA Adaptive Security Appliance
Lab 8-1: Configuring Active/Standby High Availability