
Cisco Firepower Online Training guides students through the Cisco Firepower Threat Defense (FTD) technology along with Firepower Management Center (FMC) as a security management and reporting environment.
After taking this course, students will understand Firepower concepts, be able to implement Firepower security rules at an operational level, build a secure Internet Edge for corporate access, and use Next Generation functions such as creating Cisco Anti-Malware protection (AMP) policies, URL filtering, File policies and Intrusion policies to protect the network. As part of the Grandmetric bootcamp series, the course also teaches how to efficiently troubleshoot security issues and the Firepower solution.
This 3-day, instructor-led, operational-level course is prepared for participants who do not have time to travel to the Grandmetric training center and can take the course remotely over the Internet using online meeting tools.
Who should attend?
- Network consultants
- Security analysts
- Network engineers
- Network specialists
- IT Administrators
Cisco Firepower Online Training Agenda:
1) Day 1
- Let's get to know each other.
- Who are you?
- What is your background?
- Do you have hobbies outside the computer world?
- What is Cisco Firepower Threat Defense?
- IPS/IDS
- Snort
- Sourcefire
- Firepower
- FTD ~ Cisco Firepower + Cisco ASA = NGFW
- Components explained and management consoles
- Sensors:
- FTD (2100, 4100, 9300, ASA, virtual + ISR)
- SFR
- NGIPS (7000, 8000, virtual)
- Firepower Management Center
- ASDM
- FDM
- Licensing
- Classic licenses
- Smart license – TASK: Activate Evaluation!
- Registration process with Tasks
- FTD initial config
- Compatibility checks
- Routing
- No NAT
- With NAT
- Policies explained
- Access control policies + simple Task
- Intrusion policy
- Network analysis policy
- Prefilter policy
- Network Discovery policy
- File policy
- DNS policy
- Identity policy
- SSL policy
- Health policy
2) Day 2
- Access control policy in detail + Tasks
- Rules
- AND match
- OR match
- Logging
- Actions
- Allow
- Trust
- Monitor
- Block
- Block with reset
- Interactive block
- Interactive block with reset
- Security intelligence
- HTTP response pages
- Policy assignments
- Inheritance settings and policy management
- Rule categories
- ACP report
Break 45 minutes
- Intrusion policy in detail
- Cisco provided policies
- Rule action modifications
- Rule search
- Rule edit
- Thresholds
- Suppressions
- Alerts
- Rule creation
- Malware and File policy
- Rule creation
- Action types
- Types of analysis
- Advanced options
- Encrypted files
- File lists
3) Day 3
- Troubleshooting data path
- Features for traffic processing investigation:
- > system support trace
- > system support firewall-engine-debug
- > packet-tracer input Inside tcp 192.168.0.2 http 54.78.56.192 http
- > packet-tracer input Inside tcp 192.168.0.2 http 54.78.56.192 http detailed
- > capture-traffic
- OR
- > system support capture-traffic
  (similar to tcpdump)
- Enter the ASA CLI:
>system support diagnostic-cli
Firepower>en
Lina-cli#
Break 45 minutes
- Tasks