1. Introducing Cisco Security Appliance Technology and Features

• Functions of the three types of firewalls that are used to secure modern computer networks
• Technology and features of Cisco security appliances

2. Cisco Adaptive Security Appliance and PIX Security Appliance Families

• Cisco ASA security appliance models
• Cisco ASA security appliance licensing options

3. Getting Started with Cisco Security Appliances

• Four main access modes
• Security appliance file management system
• Security appliance security levels
• ASDM requirements and capabilities
• Use the CLI to configure and verify basic network settings, and prepare the security
• appliance for configuration via ASDM
• Verify security appliance configuration and licensing via ASDM

4. Essential Security Appliance Configuration

• Configure a security appliance for basic network connectivity
• Verify the initial configuration
• Set the clock and synchronize the time on security appliances
• Configure the security appliance to send syslog messages to a syslog server

5. Configuring Translations and Connection Limits

• Function of TCP and UDP protocols within the security appliance
• Function of static and dynamic translations
• Configure dynamic address translation
• Configure static address translation
• Set connection limits

6. Using ACLs and Content Filtering

• Configure the basic function of ACLs
• Configure additional functions of ACLs
• Configure active code filtering (ActiveX and Java applets)
• Configure the security appliance for URL filtering
• Use the packet tracer for troubleshooting

7. Configuring Object Grouping

• Object grouping feature of the security appliance and its advantages
• Configure object groups and use them in ACLs

8. Switching and Routing on Security Appliances

• Configure logical interfaces and VLANs
• Configure static routes and static route tracking
• Dynamic routing capabilities of Cisco security appliances
• Configure passive RIP routing

9. Configuring AAA for Cut-Through Proxy

• Define and compare AAA
• Install and configure Cisco Secure ACS
• Configure the local user database
• Define and configure cut-through proxy authentication
• Define and configure user authorization using downloadable ACLs
• Define and configure accounting

10. Configuring the Cisco Modular Policy Framework

• Cisco Modular Policy Framework feature for security appliances
• Functionality of class maps
• Functionality of policy maps
• Functionality of service policies
• Use ASDM to configure a service policy rule

11. Configuring Advanced Protocol Handling

• Need for advanced protocol handling
• How the security appliance implements inspection of common network applications
• Issues with multimedia applications and how the security appliance supports multimedia call control and audio sessions

12. Configuring Threat Detection

• Threat detection and statistics
• Configure basic threat detection and scanning threat detection
• Configure and view threat detection statistics

13. Configuring Site-to-Site VPNs Using Pre-Shared Keys

• How security appliances enable a secure VPN
• Perform the tasks necessary to configure security appliance IPsec support
• Commands to configure security appliance IPsec support
• Configure a VPN between security appliances

14. Configuring Security Appliance Remote Access VPNs

• Cisco Easy VPN
• Cisco VPN Client
• Configure an IPSec Remote Access VPN
• Configure Users and Groups

15. Configuring Cisco Security Appliances for SSL VPN

• SSL VPN and its purpose
• Use the SSL VPN Wizard to configure a basic clientless SSL VPN connection
• Configure SSL VPN policies
• Verify SSL VPN operations
• Customize the clientless SSL VPN portal

16. Configuring Transparent Firewall Mode

• Purpose of transparent firewall mode
• How data traverses a security appliance in transparent mode
• Enable transparent firewall mode
• Monitor and maintain transparent firewall mode

17. Configuring Security Contexts

• Purpose of security contexts
• Enable and disable multiple context mode
• Configure a security context
• Manage a security context

18. Configuring Failover

• Difference between hardware and stateful failover
• Difference between active/standby and active/active failover
• Security appliance failover hardware requirements
• Configure redundant interfaces
• How active/standby failover works
• Security appliance roles of primary, secondary, active, and standby
• How active/active failover works
• Configure active/standby cable-based and LAN-based failover
• Configure active/active failover
• Use remote command execution

19. Managing Security Appliances

• Configure Telnet access to the security appliance
• Configure SSH access to the security appliance
• Configure command authorization
• Recover security appliance passwords using general password recovery procedures
• Use TFTP to install and upgrade the software image on the security appliance

LABORATORI

Lab 4: Configuring ACLs and Using Object Groups
Lab 5: Switching and Routing
Lab 6: Cut-Through Proxy
Lab 7: Modular Policy Framework, Advanced Protocol Handling
Lab 8: Threat Detection
Lab 9: Site-to-Site VPN
Lab 10: Remote Access VPN
Lab 11: SSL Clientless VPN
Lab 12: Transparent Mode Firewall and Security Contexts
Lab 13: Active/Standby Failover
Lab 14: Active/Active Failover
Lab 15: Managing the Security Appliance

Questo corso prepara alla certificazione 642-524 Securing Networks with ASA Foundation, richiesta per la certificazione CCSP- Cisco Certified Security Professional