header
headerhomeService AreasCourse CatalogTraining SchedulesEnrollAbout UsCareers
   

 

Securing Networks with PIX and the ASA (SNPA) v5.0

5-day Course

Course Description

Securing Networks with PIX and ASA (SNPA) is a five-day, leader-led, lab-intensive course. This task-oriented course teaches the knowledge and skills needed to configure, maintain, and operate Cisco PIX 500 Series Security Appliances and Cisco ASA 5500 Series Adaptive Security Appliances. SNPA is recommended training for the Cisco Certified Security Professional (CCSP) certification.

 

Course Objectives

What you will learn:

  • Security Appliance features, models, components, and benefits
  • Security Appliance interface security levels
  • Configure a Security Appliance for basic network connectivity
  • Configure the Security Appliance to send syslog messages to a syslog server
  • How the TCP and UDP protocols function with the Security Appliance
  • How static and dynamic translations function
  • Security Appliance Port Address Translation (PAT) feature
  • Function and configuration of ACLs and NAT 0 ACLs
  • Configure active code filtering (ActiveX and Java applets)
  • Configure the Security Appliance for URL filtering
  • Object grouping feature of the Security Appliance and its advantages
  • AAA protocols supported by the Security Appliance
  • Configure AAA authentication for Security Appliance access
  • Configure cut-through proxy authentication and tunnel access authentication
  • Configure AAA accounting
  • Install and configure basic Cisco Secure ACS functions
  • How the Security Appliance implements FTP and HTTP protocol inspection
  • How the Security Appliance implements remote shell (rsh), SQL, SMTP, ICMP, and SNMP protocol inspection
  • Tasks and commands to configure Security Appliance IPSec support
  • Configure the Easy VPN Server for remote access VPN using the Cisco VPN Client
  • Configure WebVPN general parameters, servers, URLs, and port forwarding
  • Monitor and maintain transparent firewall mode
  • Configure and manage a security context
  • Security Appliance hardware failover requirements
  • Configure Active/Standby Failover
  • Configure Active/Active Failover
  • Install ASDM and use it to configure the Security Appliance
  • Configure the AIP-SSM setup parameters
  • Configure a security policy on an ASA Security Appliance using ASDM
  • Configure Telnet and SSH access to the Security Appliance console
  • Recover the Security Appliance passwords using general password recovery procedures
  • Use TFTP to install and upgrade the software image on the Security Appliance

 

Intended Audience

Cisco customers who implement and maintain PIX and ASA Security Appliances; Cisco channel partners who sell, implement, and maintain PIX and ASA Security Appliances; and Cisco systems engineers who support the sale of PIX and ASA Security Appliances.

 

Prerequisites

 

Course Outline

  1. Cisco Security Appliance Technology and Features
  2. Cisco PIX Security Appliance and ASA Adaptive Security Appliance Families
  3. Getting Started with Cisco Security Appliances
  4. Translations and Connections
  5. Access Control Lists (ACLs) and Content Filtering
  6. Object Grouping
  7. Authentication, Authorization, and Accounting (AAA)
  8. Switching and Routing
  9. Modular Policy Framework
  10. Advanced Protocol Handling
  11. VPN Configuration
  12. Configuring Security Appliance Remote Access Using Cisco Easy VPN
  13. Configuring ASA for WebVPN
  14. Configuring Transparent Firewall
  15. Configuring Security Contexts
  16. Failover
  17. Cisco Security Appliance Device Manager
  18. AIP-SSM - Getting Started
  19. Managing Security Appliances

 

Course Labs

  • Lab 1: Remote Lab Environment Familiarization
  • Lab 2: Basic Security Appliance Configuration
  • Lab 3: Translations and Connections
  • Lab 4: Access Control Lists (ACLs), ICMP Filters and Object Groups
  • Lab 5: Authentication, Authorization, and Accounting
  • Lab 6: Exclusive - Configure Modular Policy Framework
  • Lab 7: Advanced Protocol Inspection
  • Lab 8: Site-to-Site VPN with Pre-Shared Keys
  • Lab 9: Site-to-Site VPN with Digital Certificates
  • Lab 10: Remote Access VPN
  • Lab 11: Web VPN
  • Lab 12: Transparent Firewall and Security Contexts
  • Lab 13: Active/Standby LAN-Based Failover
  • Lab 14: Active/Active LAN-Based Failover
  • Lab 15: ASDM
  • Lab 16: Managing the Security Appliance


TOP

 
 

Course Description

Course Objectives

Intended Audience

Prerequisites

Course Outline

Course Labs

 

 
 

 

    
 
Course Catalog Training Schedules Enroll Training Locations Cancellation Policy Contact Us Related Links Site Map
Service Areas Careers About Us Customer Quotes News & Events
 

CCIP, CCIE, CCDA, CCDP, CCNP, CCNA, VLANDirector, TrafficDirector, CiscoWorks 2000, ONS 15454 Secure PIX Firewal, Secure Virtual Private Networks, Cisco, Cisco Systems, Cisco Systems Logo, Catalyst, EtherChannel, IOS and LightStream are registered trademarks of Cisco Systems, Inc. or its affiliates in the US and certain other countries.