Cisco ASA Next Gen Firewall with FirePOWER Services Technical Workshop v2.0

Overview

Multifaceted, highly dynamic applications and bring-your-own-device (BYOD) workplaces have become the norm, and with them comes the challenge to balance productivity with security. Cisco ASA Next-Generation Firewall Services addresses these needs by adding next-generation capabilities including the ASA FirePOWER Services (SFR) Module with Application Visibility and Control (AVC), Intrusion Protection, URL filtering and Malware protection to the industry’s most proven stateful inspection firewall. The results are end-to-end network intelligence and streamlined security operations. Organizations can reap the productivity benefits of these new applications and devices without compromising their security. This 2 day training will cover the above spoken aspects and bring participants closer to understanding how they can demonstrate these capabilities to potential customers.

Days:

Course Code:

2

GKASA5500X

Pre-Requisites

Attendees should meet the following prerequisites:

  • CCNA Certified preferably CCNA Security certified
Content

Module 1: Introducing the New Mid-Range Cisco ASAs – 5506-X, 5508-X and 5516-X and the Next Generation Firewall Services – FirePower Services v5.4.1.

  • Cisco ASA Product Range
  • ASA Architecture
  • How to Sell – Migration Driver
  • Competition Advantage
  • Licensing, Benefits and Components

Module 2: Installing, Configuring and Integrating the ASA FirePOWER Services (SFR) module within an ASA.

Module 3: Introducing the ASDM v7.3(3) with on-box the FireSIGHT Management.

Module 4: Exploring the off-box FireSight Management Center.

  • Verify the licenses
  • Add the ASA FirePOWER Services (SFR) Module
  • Network Discovery

Module 5: Using the Cisco Security Manager (CSM) to cross-launch the FireSIGHT Management Center.

Module 6: Integrate FireSIGHT Management Center with Microsoft Active Directory and the SourceFire User Agent.

  • Create a user and user-group based policy

Module 7: Explore the Initial System and Health policy settings of the SFR Module.

Module 8: Examine the FireSIGHT Management Intrusion Protection System (IPS) Mechanisms.

Module 9: Explore FireSight Management Center URL Filtering.

Module 10: Examine the FireSIGHT Management Center File Policies to block file applications and malware.

Module 11:Implement FireSIGHT Management Access Policies to:

  • Access un-acceptable web sites to trigger to block or interactive block response page.
  • Access file transfers to trigger the blocking File Policy rule.
  • Trigger the malware blocking policy rule during a malware file transfer.
  • Trigger the Intrusion Prevention System during an attack.

Module 12:  Examine the Connection, Intrusion Protection and Malware Events in the FireSight Management Center Reporting System. Module 13: Test the user based Access Control Policy.

Module 13: Analyse the FireSIGHT Management Center Application, User, Treat Analysis and Indications of comprise reports.

Module 14: Explore the FireSIGHT Management Center Dashboard.

Labs:

Objectives

After you complete this course you should be able to:

  • Understand and articulate the features and benefits of Cisco’s Next Generation Adaptive Security Appliances
  • Complete initial set-up
  • Access and Manage the ASA via ASDM Install, configure and Integrate Cisco CX Software Modules with an existing ASA
  • Integrate Active Directory for user and user-based policies
  • Understand the differences between Cloud Web Security and Web Security Essentials
  • Understand Cisco’s Competitive Advantage
Target Audience

Pre-sale consultants and engineers involved in customer demostrations and proof of concept environments.

Certification

Recommended as preparation for exams:

  • There is currently no exam aligned to this course.
vendors Course Code Course Title Days Date
Cisco Certifications in Dubai, Cisco Training in UAE
GKASA5500X Cisco ASA Next Gen Firewall with FirePOWER Services Technical Workshop v2.0 2 View All Dates

This public courses are pre-scheduled throughout the year at our premises

Online, live and interactive training accessible from anywhere

We can deliver standard or customised training at any time and location that suits your employees

Guaranteed courses are confirmed to run on the specific dates shown