Cisco ASA & ASA FirePOWER Services Bootcamp

“Cisco ASA & ASA FirePOWER Services ” guide the students through the Cisco ASA technology (ASA-OS) and the modern line of Next Generation products which is Cisco ASA FirePOWER Services. Taking this course, students will be able to understand complex ASA configuration, build the redundant Internet Edge and VPN solution for corporate access as well as use advanced NG functions like Cisco Anti-Malware protection (AMP), URL filtering, File policies and Intrusion Policies to protect the network. The course as a part of Bootcamp series teaches how to efficiently troubleshoot and report security issues.

Cisco ASA & ASA FirePOWER Services training agenda:

1) Networking basics with ASA

• ASA Interfaces, Subinterfaces, VLANs
• DHCP, Set route options
• Security Level Concept
• Inter and Intra interface flows
• Basic Management (Logging, traffic to the box, aaa, ntp sync)
• Management Real-Life Use Cases

2) ASA Routing and Link Redundancy

• ASA Static routing
• ASA Dynamic routing
• Port Channels, Link redundancy

3) Traffic Restrictions

• Object and object groups
• ACLs
• NAT (8.3+) Concept
• ASA Modular Policy Framework (MPF)

4) High Availability

• Failover Active-Standby
• Clustering Active-Active
• Security Contexts
• Resource Limitations

5) VPNs

• IPSec Site2Site
• Anyconnect SSL VPN client

6) FirePOWER Architecture and licensing

• Licensing, Architecture, Limitations
• Firepower Management Center installation
• SFR Modules Provisioning
• Traffic Flow & Redirection

7) ASA FirePOWER core features configuration

• Traffic processing and actions
• Access Control Policies
• ACP rules
• AND OR logic
• URL and URL categories – filtering
• AMP for Networks Concept – File & Malware policy
• IPS Concept – basic ruleset – Intrusion Policy
• SSL Policies
• Lists & Feeds

8) ASA FirePOWER advanced features configuration

• AD integration
• FMC User Agents vs Cisco pxGRID
• Troubleshooting and reporting

9) Migrating from ASA to Firepower