Dot Com Systems conducts Cisco ASA Firewall Training Course. The Cisco ASA Specialist certification recognizes security professionals who have attained specialized in-depth expertise and proven knowledge of the recommended best practices in designing, implementing, maintaining, and troubleshooting network security solutions, using the Cisco ASA adaptive security appliance. The Cisco ASA adaptive security appliance is widely deployed and in use at leading enterprises and service providers worldwide.

The Cisco ASA Specialist is recognized as the benchmark security product certification for engineers, consultants, and architects who configure advanced Cisco security appliances and VPN solutions, including advanced protocol handling, remote access VPNs, Secure Sockets Layer VPNs, site-to-site VPNs, high-availability VPNs, and failover.

Dot Com Systems is one of the Cisco ASA Firewall Training Course Institute in Dhaka, Bangladesh.

 

Cisco ASA Firewall Training Course Objectives:

  • Practice password recovery techniques for the Cisco ASA security appliance
  • Practice two techniques for building a basic firewall configuration from scratch
  • Gain an understanding of logging configurations and practice using syslog with the security appliance
  • Practice two methods of backing up and restoring device's configurations
  • Practice two methods of backing up and restoring your device's software image (operating system), including how to recover the software in a catastrophic fault condition
  • Practice configuring and using three methods of remote management
  • Gain an understanding of Network Address Translation and Port Address Translation on the ASA Security Appliance and practice using them in your configurations
  • Practice configuring three types of banners
  • Gain an understanding of Cisco privilege levels and practice configuring local usernames and privilege levels
  • Practice configuring your security appliance to authenticate via Windows Active Directory using RADIUS
  • Practice buidling and troubleshooting a DHCP server
  • Practice building three types of VPNs including site-to-site, remote access, and a clientless Web VPN
  • Gain an understanding of DMZs and practice building one with a Web server
  • Practice testing security configurations with a port scanner
  • Gain an understanding of filtering techniques and practice blocking Java applets
  • Practice building a transparent (layer 2) firewall

Course Content:

ASA Basic Configurations:

  • 1.1   Identify the ASA product family.
  • 1.1.a   5585-X
  • 1.1.b   8.3 memory requirements
  • 1.1.c   AIP-SSC
  • 1.1.d   AIP-SSM
  • 1.1.e   CSC-SSM
  • 1.1.f   5585-FW/VPN SSP
  • 1.1.g   5585-IPS SSP
     
  • 1.2   Implement ASA licensing.
  • 1.2.a   Identify ASA licensing requirements
  • 1.2.b   Install and Verify ASA license
     
  • 1.3   Manage the ASA boot process.
  • 1.3.a   ROMMON
  • 1.3.b   ASA 5505 factory default config
     
  • 1.4   Implement ASA interface settings.
  • 1.4.a   ASA interface security levels
  • 1.4.b   IP Addressing, DHCP client, Name, Speed, Duplex
  • 1.4.c   Management only interface
  • 1.4.d   VLANs
  • 1.4.e   Same security levels intra and inter interface communications
     
  • 1.5   Implement ASA management features.
  • 1.5.a  Basic settings (hostname, domain name, passwords, DNS)
  • 1.5.b  Passwords encryption (ASA 8.4)
  • 1.5.c  Enabling Management Access methods
  • 1.5.d  Management Access Authentication, Authorization, Accounting
  • 1.5.e  Privilege levels
  • 1.5.f   Local User Database
  • 1.5.g  External Database (ACS 4.2)
  • 1.5.h  NTP
  • 1.5.i   Logging options and Netflow Secure Event Logging
  • 1.5.j   SNMP
  • 1.5.k  DHCP Server
  • 1.5.l   Managing ASA file system/configs/images
  • 1.5.m Packet Tracer
  • 1.5.n  TCP Pings (ASA 8.4)
     
  • 1.6   Implement ASA access control features.
  • 1.6.a  Interface ACL
  • 1.6.b  Time Bases ACL
  • 1.6.c  Global ACL (ASA 8.4)
  • 1.6.d  Object Groups
  • 1.6.e  uRPF
  • 1.6.f   Shun
  • 1.6.g   Cut-through Proxy (Authentication/Authorization/Accounting)
     
  • 1.7   Implement Network Address Translation (NAT) on the ASA.
  • 1.7.a   Pre 8.3 - static, dynamic, policy, identity nat, nat exemption
  • 1.7.b   8.3 - object (auto) nat, manual (twice) nat
     
  • 1.8   Implement ASDM public server feature.
  • 1.8.a   ASDM configurations and verify resulting CLI commands
     
  • 1.9   Implement ASA quality of service (QoS) settings.
  • 1.9.a   PQ
  • 1.9.b   Policing
  • 1.9.c   Shaping
     
  • 1.10   Implement ASA transparent firewall.
  • 1.10.a   Bridge Group support on ASA 8.4
  • 1.10.b   Layer 3-7 Access Controls
  • 1.10.c   Layer 2 Access Controls

 

ASA Routing Features:

  • 2.1   Implement ASA static routing.
  • 2.1.a   Static routes
  • 2.1.b   Default routes
     
  • 2.2   Implement ASA dynamic routing.
  • 2.2.a   ASA Multicast routing support
  • 2.2.b   ASA dynamic routing protocols support
  • 2.2.c   Basic EIGRP routing

 

ASA Inspection Policy:

  • 3.1   Implement ASA inspections features.
  • 3.1.a   Modular Policy Framework
  • 3.1.b   Default policy and tuning
  • 3.1.c   L3/L4 inspections
  • 3.1.d   Advanced application inspections
  • 3.1.e   ASDM UC Config Wizard
  • 3.1.f   Connection and Local Host tables
  • 3.1.g   TCP state bypass
  • 3.1.h   TCP normalizer
  • 3.1.i   Dynamic Protocol support (established command)
  • 3.1.j   TCP Intercept
  • 3.1.k   Connection limits

 

ASA Advanced Network Protections:

  • 4.1   Implement ASA Botnet Traffic Filter.
  • 4.1.a   Blocking and Threat Level
  • 4.1.b   Black and White List
  • 4.1.c   Dynamic Database Updates
  • 4.1.d   DNS inspection

 

ASA High Availability:

  • 5.1   Implement ASA Botnet Traffic Filter.
  • 5.1a   Interface Redundancy
  • 5.1b   EtherChannel (ASA 8.4)
     
  • 5.2   Implement ASA Virtualization feature.
  • 5.2.a   Security Contexts
  • 5.2.b   Security Contexts Resource Limiting
     
  • 5.3   Implement ASA Stateful Failover.
  • 5.3.a   Active/Standby
  • 5.3.b   Active/Active
  • 5.3.c   Dynamic Routing Protocol Stateful Failover (ASA 8.4)